Andrew Gordon, managed services architect at anti-virus software vendor Trend Micro, said he has seen quite a few variants of MyLife coming through over the past couple of weeks and is concerned about the MyLife family of worms because there had been new variants at the pace of one or two a week recently.
The most recent, MyLife.j, came with the attachment renamed usa.scr.
-We obviously quite often get many variants, but it has been very quick," Gordon said.
Part of this, Gordon suggests, is that MyLife is a well-crafted worm in contrast to those which are written by amateurs or people using tools they have found on the Internet.
-[This worm] is written quite well and that's why people have taken this one as a cookie cutter," Gordon said. -You don't have to be a wonderbrain to be a virus writer these days."
Likewise, Stuart Palmer, managing director of Sophos in Australia, agreed there had been a number of variants of the MyLife worm and he believes that users had been smart in spotting a similar pattern in these worms.
Sophos had used its Australian lab to work out detection algorithms and disinfection routines for the MyLife.b and MyLife.h variants.
Sean McDonald, virus analyst at Sophos, said the MyLife worm was written in a Visual Basic, as opposed to a lot of parasitic viruses which may be written in assembly languages.
-Some of the variants have had quite devastating payloads," McDonald said. -[But} this is basically the run-of-the-mill worm."
Hi there,
Unfortunately for me I read the article on the my life virus all too late. It came to me as the attachment list480.txt from a friend and as my Norton did not pick it up (my fault for being so naïve to believe that virus checkers are infallible) I just clicked away and got annoyed when it appeared to be a dud attachment. Within minutes I was getting returned e-mails which aroused my suspicions as I had not sent any. After checking what I had supposedly sent I realised what was happening. Initially I thought this was just an e-mail worm and nothing more but I did remove all traces of it...or so I thought. Apparently this little blighter laid dormant in my system for a day and then without warning, up popped this little dialog box titled LoOoOoOoOol or some such which proceeded to disable my Norton as well as everything else so my only option was to shutdown but I had to acknowledge this message first. I suspect the damage may have already been done at that stage anyway. So when I went to restart all I got was lines of text saying this file and that file was missing or corrupted etc etc. Forget about trying to copy the files from my CD as my CDRom apparently did not exist anymore...either of them! Hmmm. So I learnt the hard way anyway, it's a bugger of a virus and it just sucks basically. At least I know that after I formatted my drive it is gone! Had no choice, the hard drive was toasted after my little visitation.
Don't know what variant it was but my advice is to be wary of them all!!
Ask yourself, what is your hard drive worth? A little chuckle? No way, if you don't trust it, don't risk it!