Irony Of The Day: Worm Says Worm Writer Nabbed

A new worm spreads by, among other things, posing as a message about the "arrest" of the MyDoom author.
A worm now spreading gives new meaning to the word "irony," a security firm said Tuesday, since the malware spreads by, among other things, posing as a message about the "arrest" of the MyDoom author.

According to U.K. message filtering firm Sophos, the Kedebe.f worm, which is bundled with mail as an attachment, uses a slew of social engineering-style subject heading and message text to fool users into opening the file, including one that poses as mail about the "arrest" of the MyDoom author.

"Author of MyDoom has been ARRESTED!" blares the subject head, said Sophos in its online alert, with the rest of the message reading "Hey, this is to tell you that the author of the Internet Worm 'MyDoom' has been arrested by Microsoft today. He is an OLD MAN, about 50s."

The MyDoom author (or authors) has yet to be found, although rewards totally $500,000 were posted by Microsoft and the SCO Group in early 2004, not long after the destructive -- and still prevalent -- worm debuted.

"Hackers are constantly trying to dupe computer users into running malicious code with the promise of breaking news stories," said Graham Cluley, senior technology consultant at Sophos.

Like many worms, Kedebe.f can pose as more than just one message, said Cluley. Among the bogus news its messages use are conspiracy theories about the death of Pope John Paul II, the death of Michael Jackson (again), Osama bin Laden's capture (ditto), and "J Lo with no closes [sic] on!"

Cluley had especially unkind words for the hacker who dreamed up the story about the former Pope, who was the victim, so says the scam message, of a secret conspiracy by an unknown group of governments. "Using the late Pope's name is a sick trick," said Cluley.

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing