Tuesday, October 22, 2024

Take a peek behind the curtain and test drive the NEW StateNews.com today!
NEWS / MSU

Virus with authentic look attacks e-mail accounts

MyDoom released by downloading e-mail attachment

Margaret Harding
February 18, 2005

A "clever, nasty little" virus has been infecting MSU Webmail accounts, MSU officials said.

The MyDoom virus is a variant of an existing worm that sends out e-mails with different subject lines and addresses that look like authentic messages about mail problems, said Rich Wiggins, senior information technologist for Academic Computing & Network Services.

"This is spreading all over the world," Wiggins said. "This current one came out on Tuesday, but older versions have been around for quite some time."

On Wednesday evening, Academic Computing & Network Services began blocking the virus and by the end of Thursday, about a million copies were stopped, Wiggins said.

Each e-mail comes with an attachment that releases the virus once it is downloaded. The virus then scans the hard drive for e-mail addresses, plugs them into a search engine such as Google and e-mails the addresses that show up, Wiggins said.

"As far as we know, it doesn't delete or modify files, but it does compromise the security settings," Wiggins said. "This would allow for further attacks from remote locations."

Marketing freshman James Tucci opened a seemingly authentic e-mail from "postmaster@pilot.msu.edu" that told him to open an attachment for further instructions.

"It had the subject line and the sender address just like it was an actual e-mail," Tucci said. "Nothing opened when I downloaded the attachment. I got six e-mails saying about the same thing."

Tucci said he has seen no negative affects from the attachment, but he expected Norton AntiVirus, which he updated last week, to stop any viruses.

"I hoped that since I ran that CD MSU gave us at the beginning of the year, it would be protecting me," Tucci said. "I'm disappointed, but at least it didn't cause any harm."

The new virus looks like it hit hard on Tuesday, so anti-virus protection that isn't continuously updated won't stop it, Wiggins said.

Mathematics freshman Brad Armstrong said he realized he was infected with the virus when a business e-mailed him saying he sent them a virus.

"It doesn't trick you, like some AOL viruses where you make a mistake," Armstrong said. "With this, you barely know you're running anything. You do it without knowing it."

Students can check the identity of any e-mail from Academic Computing & Network Services because each message has a link to the computing Web site, where the same information as the e-mail is posted to verify its authenticity, Wiggins said.

The virus also can send messages from the address of a person who opened the attachment, Wiggins said.

The help desk received a few hundred calls Wednesday about the e-mails, he said.

"It's nowhere near as bad as some of the past viruses we've had, but it's annoying," Wiggins said. "It confuses and upsets people, and wastes network resources."

For more information about viruses, go to help.msu.edu/protect.

Discussion

Share and discuss “Virus with authentic look attacks e-mail accounts” on social media.

 facebook  twitter

Police respond to shooting at Berkey Hall

TRENDING