ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Mydoom

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Mydoom

NamesMydoom
Novarg
Mimail
CategoryMalware
TypeWorm, DDoS
Description(Palo Alto) MyDoom is an infamous computer worm first noted in early 2004. This malware has been featured in top ten lists of the most destructive computer viruses, causing an estimated $38 billion in damage. Although now well past its heyday, MyDoom continues to be a presence in the cyber threat landscape.

While not as prominent as other malware families, MyDoom has remained relatively consistent during the past few years, averaging approximately 1.1 percent of all emails we see with malware attachments. We continue to record tens of thousands of MyDoom samples every month. The vast majority of MyDoom emails come from IP addresses registered in China, with the United States running a distant second. These emails are sent to recipients across the world, mostly targeting high tech, wholesale, retail, healthcare, education, and manufacturing industries.
Information<https://unit42.paloaltonetworks.com/mydoom-still-active-in-2019/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.mydoom>
AlienVault OTX<https://otx.alienvault.com/browse/pulses?q=tag:MyDoom>

Last change to this tool card: 23 April 2021

Download this tool card in JSON format

Previous: MyDogs
Next: MysteryBot

All groups using tool Mydoom

ChangedNameCountryObserved

APT groups

 Lazarus Group, Hidden Cobra, Labyrinth ChollimaNorth Korea2007-Spring 2021X

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key