Beginning in late January 2004, an email worm called Mydoom caught the attention of the world—and led Microsoft to offer $250,000 for information leading to its creator’s apprehension.
At its peak, Mydoom accounted for approximately one-quarter of all email traffic worldwide. The worm’s initial version—Mydoom.A—was programmed to launch a denial-of-service (DoS) attack on The SCO Group Inc., a Unix vendor. SCO offered a $250,000 reward for information on the worm’s origins. Mydoom.B arrived days later, and its programmed target was Microsoft, prompting the tech giant’s own bounty. This was the third cash reward Microsoft had offered under a $5 million program announced in November 2003 to help apprehend cybercriminals.
In true worm fashion, #Mydoom spread via email attachment, often in attachments purporting to be failed sent messages, thus tricking the worm recipient into opening the attachment to see what had caused the failure. Of course, opening the attachment launched an executable that searched the recipient’s computer for email addresses to send itself to.
Other enticing Mydoom subject lines included the catchy “Click me baby, one more time.”
Shortly after Mydoom’s splashy debut, the initial worms died out as they were programmed to stop replicating following the associated DoS attack. However, Microsoft was able to deflect any Mydoom-related DoS attack, having the advantage of following SCO’s misfortunes.
Variants of Mydoom have continued to circulate for the past 18 years, with the most notable related incident being a July 26, 2004, attack on Google and other search engines.
Enjoyed this post? You can check out previous installments of Tech Time Warp, click here.
Photo: JLStock / Shutterstock