You've probably heard this already, but I thought a discussion would be interesting.
http://www.wired.com/news/technology/0,1282,62105,00.html?tw=wn_tophead_7

Does anyone have any idea how to track down the author? Due to it's nature it would be infinately difficult to trace back through all of it's infections unless another worm-like device was made. And the author problably released it in an intelligent manner (internet cafe, then server hopping).

What do you think of the personal string the code holds? "Andy; I'm just doing my job, nothing personal, sorry."

Well, since "Andy" is at the beginning of the sentence I think the comment is directed TO Andy. I think the bastard was pissed at this "Andy" and hacked into their computer, then used "Andy's" email to send the virus and eventually it will be traced back to this "Andy" who will be blamed for it. The virus is apologizing because it is only doing what it was told to do. (By the writer/enemy)


OK, if this get's turned into a movie I have documented proof I came up with it here, today on Jan 30th, 2004 at 11:21 am Pacific. 8)

OK, if this get's turned into a movie I have documented proof I came up with it here, today on Jan 30th, 2004 at 11:21 am Pacific. 8)

The movie was made, the virus is just a marketing gimic. :D

Shouldn't the author have made it insanely easy to track? So "Andy" gets framed?

How about this -
Write another worm that sniffs computers for MyDoom, and if it's infected it sends the infection time and source sender to a central server. The server compiles the list of infected computers, and makes a map that shows the worm's progress and general origin.

Or you could hack into Interpol and find out what they know about it... :wink:

I found him!:jawdrop:

Here he is, ladies and gentlemen!

http://www.pocketpcthoughts.com/forums/images/avatars/3184678483f8cb39bbdcac.jpg

-Justin.

Maybe "Andy" should turn this guy in, and get the last laugh... :wink:

How about this -
Write another worm that sniffs computers for MyDoom, and if it's infected it sends the infection time and source sender to a central server. The server compiles the list of infected computers, and makes a map that shows the worm's progress and general origin.


Didn't the last big worm (4 months ago?) have a rev B where someone took it and re-wrote it so it repaired what the first worm did, then delete itself off your system? Why can't someone do the same thing here? I read MyDoom opens a particular port, couldn't you write a worm that looks for that port, crawls in, installs a patch then deletes itself?

And how stoopid is it that if someone DID do this then they could get busted too? :roll:

I found him!:jawdrop:

Here he is, ladies and gentlemen!

http://www.pocketpcthoughts.com/forums/images/avatars/3184678483f8cb39bbdcac.jpg

-Justin.

Experts have just seen a surge in web traffic that they attribute to yet another worm, called MiMail.S, or "MyDoom.C". Although similar to the last variant, this one targets www.ppcc.vze.com, and contains the message "Justin; I'm just doing my job, nothing personal, sorry."

I've written my share of malicious code, but have never let it go. Besides, experts think that the worm originated in Russia. (Good! My server-hopping worked!) 8)

experts think that the worm originated in Russia.

An undercover Symantec operative using Siberia as his ( her ) base of operations perhaps? :twisted:

Kidding! ( sort of :wink: )

Six more minutes until it hits! 8O

Welchia was the RevB that supposedly fixed Blaster. But it was worse....all the traffic it generated took down networks.