MyDoom Keeps Coming

The latest version of the malicious worm was detected early Tuesday by the Internet Storm Center, Bethesda, Md.

As of 11 a.m. today, a signature of the new MyDoom worm was still not available.

What is known is that the new MyDoom variant attacks in a similar fashion to its most recent predecessors, MyDoom.m and MyDoom.o, exploiting Internet search engines to propagate, according to a Storm Center alert.

MyDoom.m and MyDoom.o put security experts on high alert and were both SMTP-based mass-mailing worms which attempted to fool users into opening the e-mails in which they arrive by mimicking returned mail notifications.

Common subject-line headers include "delivery failure notification," "status," "delivery reports about your e-mail," and "returned mail: see transcript for details," according to security experts.