NEWS FROM THE LAB - Saturday, October 16, 2004

Mydoom.AE found Posted by Mikko @ 19:11 GMT

We've received some sightings of a new Mydoom variant, which we now detect as Mydoom.AE.

It's pretty astonishing these guys just keep pumping out new variants when they know several people are actively trying to find out who they are (to collect the $250,000 bounty offered for their head).

This latest variant contains a hidden message which comments on hidden comments found from some earlier Netsky variants:

 Lucky's Av's ;P~.
 Sasser author gets IT security job and we will work with Mydoom , P2P worms and exploit codes .
 Also we will attack f-secure,symantec,trendmicro,mcafee , etc.
 The 11th of march is the skynet day lol .
 When the beagle and mydoom loose, we wanna stop our activity <== so Where is the Skynet now? lol.

We don't think this variant is going to become too widespread. Email worms started over a weekend typically don't.