VXer looking for employment

September 2004


VXer looking for employment

The most recent version of the MyDoom virus, dubbed MyDoom.V, contains a cleartext message to all and sundry, stating "We searching 4 work in AV industry". It seems the VX business simply isn't that profitable anymore due to the efforts of AV researchers, or else the person or persons behind Bagle really are winning the much-hyped "war of words and worms".

Mydoom.V was analysed at Bitdefender Labs and a signature update has been issued. The virus has been released in multiple minor sub-versions, some of which may be in the wild, and which are just recompilations of the same source. The virus includes a stealth backdoor module and uses a rather sneaky social engineering trick. It adds a string stating that the mail was found clean by BitDefender or by one of the other major antivirus software products.

The string used is "Attachment: No Virus found" and bears no resemblance with the actual message that BitDefender antivirus software attaches to clean mail messages.

A technical description of the virus can be found here.


Share This ON: