The following is a journal review of an article found during a search on the current computer threat:  MyDoom.  This journal article is just one of many on the topic of computer threats.

Latest Worm has Professional Twist

Bill Husted, “The Atlanta Journal-Constitution”, 1/28/04
A review by Carolyn Johnson, 2/19/04

“MyDoom”?  How bad can it really be?  Here is just one view point, only one aspect of this newest threat to our computers.

MyDoom is an example of a better-built worm probably created by virus kits available on-line through any search engine or directory.  Being hard to detect and moving very quickly, this new breed of computer threat has reached the professionally programmed level. More sophisticated and technical, these better built worms turn a computer into a “robot” sending out spam e-mail messages to those in an address book.  This concept is not new but with the lighting speed to which MyDoom spread, in no time one in nine e-mails was infected.

It is feared, states Mr. Husted, that this worm contains a “keystroke-logger” program.  If true, the original sender of the worm can monitor infected machines for entry of typed data, including credit card numbers and passwords.  The program could be used to store card numbers, passwords, bank account numbers, and government data.

Roger Thompson, director of malicious-code research for TruSecure, an anti-virus firm, states that this is an area that could have organized crime connections.  Others in the field of anti-virus protection also suggest that keystroke-loggers are highly suspicious.  This is the reason for fire-walls which detect and prevent remote access through unprotected computer ports.

Amateur worms promised attachments that would entice many to open the file.  MyDoom uses the official looking failed e-mail message.  Once the attachment is opened…not the e-mail itself…the worm attacks the stored e-mail address contained on the host system.  The worm uses the name associated with the host and sends out bogus, infected e-mails in hopes of catching another user of guard.  Since the e-mail is sent from someone known to the recipient, the e-mail and attachment are opened.  The e-mail looks professional and on the up-and-up which leads anti-virus firms believing in the skills and technical know-how of the creators has improved to that of a professional.

The professional code of MyDoom, also known as Navarg, has more features than the original worm threats.  These behaviors are the result of more technical and better quality coding.  Code such as that shown in the MyDoom is making it more difficult to stop.

Worms were created to cause congestion of networks, especially e-mail.  And it has worked!  The more professional hackers get into this arena, the more likely the intent will go beyond the purpose of “traffic congestion.”  Imbedded keystroke-loggers seem to be the next logical step.

Husted, Bill (2004). “Latest worm has professional twist” The Atlanta Journal-Constitution.   As referenced on Feb. 19, 2004.  http://www.ajc.com/business/content/business/0104/28worm.html