News

Mimail Damage Mounts

• By Scott Bekker
• November 20, 2003

Mimail is currently the fifth most damaging malware in a malware damage database maintained by the U.K.-based mi2g Intelligence Unit. Worldwide economic damage from Mimail is estimated at $8.85 billion worth of productivity losses and business interruption, according to mi2g, a digital risk assessment firm.

Mimail now trails only Sobig, Klez, Yaha and Swen in the rankings of the most damaging viruses and worms, according to mi2g. Mimail, which affects only Windows users, has seen a huge surge in damage from the last two of its 10 variants. Mimail.J and Mimail.I both appeared in the last week.

MessageLabs, an e-mail security services company, put out a high-level warning this week alerting customers to the dangers of the Mimail.J variant. "[The] extent of Mimail.J overtakes other variants of the worm," MessageLabs wrote in its alert.

The worm arrives as an attachment with a forged sender address, in many cases appearing to have come from PayPal, the payment service for the popular Ebay auction site.

The executable attachment launches a program that instructs users to update their PayPal account with a credit card number, social security number and mother's maiden name. According to mi2g, the Mimail method is more sophisticated than similar previous efforts, which sent victims to a Web page to fill in their information. In those cases, victimized companies could pressure ISPs to shut down the Web site.

"Five years ago hackers and virus writers carried out most of the attacks to demonstrate intellectual prowess. The metamorphosis in motives has definitely been towards financial fraud and extortion activity," DK Matai, mi2g executive chairman, said in a statement.