MiMail
MiMail
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Mimail mutant maximises Mydoom misery

Double whammy as Mimail.S variant adds to worldwide devastation

Robert Jaques, vnunet.com 30 Jan 2004
ADVERTISEMENT

The devastation created by the Mydoom virus, which is still spreading, has been compounded by the detection of a previously unknown mutant of the Mimail virus.

One in every five emails currently transmitted is thought to be carrying Mydoom, with four million infected emails thought to be in circulation.

Internet security firm Panda Software said that variant 'S' of Mimail (W32/Mimail.S.worm) is very similar to its prolific predecessors and could not have arrived at a worse time.

"The appearance of these two viruses at the same time means that you can never drop your guard, and that you must be extremely careful with all the email you receive," said Luis Corrons, director of PandaLabs.

Mimail.S uses its own SMTP engine to send itself out to all the addresses it finds on the affected computer in an email with the following characteristics:

Subject: a random combination of the following phrases:

  • Re:
  • Re[2]:
  • Re[3]:/smart,cool,sexy,super/pics,images,pictures,photos,photo, picture/private
  • only for you
  • just for you
  • important
  • very important

Mimail.S is more dangerous than Mydoom in that it tries to steal the credit card details belonging to the user of the infected computer.

In order to do this, it displays a fake form warning users that their Windows licence has expired, and prompting them to renew it.

This form requests personal information including a credit card number, its expiry date and Pin.

After the user has entered the requested data, Mimail.S checks whether the credit card number is correct and displays an error message if it is not.

Meanwhile, Mydoom.A is now attacking companies without protection that survived the first wave of infected messages.

According to data collected by Panda Software's online antivirus service, Mydoom.A has infected six times more computers than Bugbear.B, the second most prevalent virus it has detected.

Corporate environments around the globe have been hit the hardest by Mydoom.A, and the number of infected computers has reached 400,000, according to Panda.

See also:

SCO
SCO Group falls to MyDoom
Distributed DoS attack cripples software firm's website  03 Feb 2004
Virus
Red alert as Mydoom.B mutant strikes
First variant more dangerous than the original, warns antivirus firm  29 Jan 2004
MyDoom
MyDoom.A heads for infection record
Worm hits 15 per cent of global email traffic in first 24 hours  28 Jan 2004
MiMail
New MiMail sneaks past filters
Latest variant includes downloader in PayPal message  16 Jan 2004
Virus
Worm variant targets PayPal users
Credit card harvester 'MiMail I' spreading worldwide  14 Nov 2003
Virus
Destructive MiMail variant hits web
Promise of sexy photos will only give users a headache  03 Nov 2003

All Enterprise Security Technology

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story
R E A D E R   C O M M E N T S
Post your comment Post your comment   What is this?

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Process consultant
| Greythorn IT
Leading Mobile Network vendore is currently seeking a Process consultant for a positions based either in the Middle east or Africa. We are looking for around 10 years experience with at least 5 years business ... more >
Arabic Speaking Sales manager
| Greythorn IT
Tier 1 Network solutions provider is currently seeking an experienced Telecommunications sales manager to work in their Abu Dhabi office. There is a brilliant benefits package as well as an attractive salary available for the ... more >
Egyptian Network Operation /Supervision Engineer
| Greythorn IT
Leading network solutions provider in Egypt is currently seeking and experienced Egyptian Network Operation /Supervision Engineer. There are competitive packages and attractive benefits package on offer for the right candidate. You will be responsible to ... more >
Service Assurance manager
| Greythorn IT
A leading network Solutions vendor is currently seeking an Egyptian national to act as a Service Assurance manager out of their Egyptian office. Ideally we are looking for someone with Vendor based experience however other ... more >
More job opportunities
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Feedback . Contacts
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503