The threat of the Mytob worm is set to increase as those responsible for launching it are carefully synchronising the release of different variants to cause the most damage.
Carole Theriault, a consultant at security software company Sophos, said, “The creators of Mytob appear to be a group of virus writers called Hellbot. Having more than one writer may aid them in issuing several different variants in short time periods.”
She said, “The Mytob source codes suggest that the virus writers are following a carefully planned strategy. By issuing many threats, all of which are tweaked slightly differently, they may be searching for the elements of their malicious code that will help them create a super worm.”
At the end of last week, Sophos said Mytob variants accounted for more than half of the top twenty viruses reported to the company.
Mytob spreads via e-mail address books as a result of a user opening an infected attachment. It purports to warn users of security or account issues in its subject line.
When the infected attachment is opened Mytob attempts to turn off security applications and deny access to popular security websites. It also attempts to open a backdoor into the computer, allowing unauthorised and remote users to access the system at a later date.