This latest my.doom variant used an interesting trick - when it hit a PC, it scanned that PC looking for domain names. It then went to Google, Yahoo, Altavista and Lycos and searched for email addresses from that domain name. This had several effects:
1. The virus tended to be harder on business PCs than consumer PCs, since more business email addresses seem to be found by the search engines.
2. It appeared to force Google to its knees. The way it worked acted as nice pseudo-randomizer - each new infected PC would search for different domain names, making it harder to recoginize (or stop) as a denial of service attack.
This is just another example of how the bad guys can use the good stuff to attack the good guys, and how we are inexorably being drawn towards email "white lists", where we trusted authenticated email senders but for everyone else we heavily spam filter and block all attachments. If you send me a virus, you are off the trusted list and get heavily filtered.
Between smarter viruses, phishing and other identity theft scams, the way we use and trust email is just going to have to change - it is inevitable. Today's email will go the way of the blinking URL tag.
Agree that email as we know it has died. Remember when *every* message was meant for you? When you would rush to your computer and dial in to your ISP to see the latest email in an interesting discussion you were part of?
Remember network news (NNTP)? It was the first to be killed off by spammers. Next was email. Now the browsing experience is being destroyed by Spyware.
Posted by: Netman | 27 July 2004 at 05:27 PM