Research

New Mydoom variants now called Bofra

I-Worm.Mydoom.ad, which we detected yesterday, and its modification Mydoom.ae, which we detected today, have both been renamed in our antivirus databases as I-Worm.Bofra.a and .b.

These worms used the source code of Mydoom, but most virus analysts agree that they are actually a new family. And we agree with this opinion.

  • I-Worm.Mydoom.ad is renamed as I-Worm.Bofra.b
  • I-Worm.Mydoom.ae is renamed as I-Worm.Bofra.a

P.S. We have just detected another modification of this worm, which will be named I-Worm.Bofra.c.

New Mydoom variants now called Bofra

Your email address will not be published. Required fields are marked *

 

Reports

MoonBounce: the dark side of UEFI firmware

At the end of 2021, we inspected UEFI firmware that was tampered with to embed a malicious code we dub MoonBounce. In this report we describe how the MoonBounce implant works and how it is connected to APT41.

Subscribe to our weekly e-mails

The hottest research right in your inbox