The only way to stop MyDoom.

Inside the Internet.
July 27 2004 6:28 PM

Fight Virus With Virus

That's the only way to stop MyDoom.

Illustration by Robert Neubecker

On Monday, Web surfers faced the unthinkable: a day without Google. MyDoom.O, the latest version of the fast-spreading worm, used infected PCs to flood Google's servers in what's called a denial-of-service attack. With the MyDoom virus trolling for e-mail addresses so it could send itself to new victims, human users were pushed out of the way for a couple of hours. It only seemed like the world was ending.

The most frustrating thing about MyDoom is that it's not some hyper-evolved beast. The 14 iterations of the virus that have appeared since MyDoom.A emerged in January aren't stronger, faster strains that survived cures for weaker versions. All the anonymous MyDoom authors have done is look at the syntax—or even just the online descriptions—of previous MyDooms, then built new copies that differ by just a few lines of code.


As the Washington Post reported yesterday, protecting yourself is easy: Install some anti-virus software and set it to automatically update itself (the default for most programs). Unfortunately, most people whose computers are infected either don't know they have a problem, or don't bother to deal with it. That's why MyDoom will keep coming back again and again. SCO and Microsoft, both earlier victims of MyDoom denial-of-service attacks, have posted $250,000 bounties, but neither have yielded a suspect nor deterred copycat coders. At the current rate, MyDoom.Z should debut around Christmas, forcing virus trackers to consult Dr. Seuss' On Beyond Zebra! to alphabetize next year's crop.

The only way to stop MyDoom might be to out-hack the hackers. In the past, "white hat" programmers have launched viruses that expose security holes without causing destruction in an attempt to make computer users more security-conscious. Last year, one programmer took the next step. As the Blaster worm circled the globe, the do-gooder released a worm called Nachi that infiltrated the same security hole as Blaster. But Nachi wasn't a Blaster variant, it was a Blaster antidote: It erased copies of Blaster it found on PCs it invaded, then downloaded and installed a Windows update from Microsoft to secure the computer against further Blaster (and Nachi) attacks. Ingenious! There was only one problem: Nachi overloaded networks with traffic, just like Blaster had.

So far, no one's created an effective antidote to MyDoom, which has done far more damage and shows no sign of stopping. While someone tried to repurpose Nachi for the job in February, that's the wrong approach. What we need is a final MyDoom variant—let's call it MyDoom.Omega—that breaches the exact same security holes as versions A through O, yet spreads itself slowly and carefully to prevent traffic jams. It could even launch warnings on the user's screen for a few days ("Hey dummy! Click here to protect yourself!") before going ahead and patching the hole itself.

Maybe a program like MyDoom.Omega doesn't exist yet because the good guys don't have an incentive. Rather than offering them megabucks to squeal on the virus' creator(s), Microsoft, Google, and other MyDoom victims could challenge hackers to think up novel ways to squash the bug. Unleashing a white knight program might not offer the satisfaction of seeing a bad guy led away in flexicuffs, but it would be a lot more effective—and a lot more poetic.

Paul Boutin is a writer living in San Francisco.


Justice Ginsburg’s Crucial Dissent in the Texas Voter ID Case

The Jarring Experience of Watching White Americans Speak Frankly About Race

How Facebook’s New Feature Could Come in Handy During a Disaster

The Most Ingenious Teaching Device Ever Invented

Sprawl, Decadence, and Environmental Ruin in Nevada

View From Chicago

You Should Be Able to Sell Your Kidney

Or at least trade it for something.

Space: The Next Generation

An All-Female Mission to Mars

As a NASA guinea pig, I verified that women would be cheaper to launch than men.

America’s Fears of Immigration, Terrorism, and Ebola Are Combining Into a Supercluster of Anxiety

The Legal Loophole That Allows Microsoft to Seize Assets and Shut Down Companies

  News & Politics
Oct. 19 2014 1:05 PM Dawn Patrol Justice Ruth Bader Ginsburg’s critically important 5 a.m. wake-up call on voting rights.
Business Insider
Oct. 19 2014 11:40 AM Pot-Infused Halloween Candy Is a Worry in Colorado
Oct. 17 2014 5:26 PM Judge Begrudgingly Strikes Down Wyoming’s Gay Marriage Ban
  Double X
The XX Factor
Oct. 17 2014 4:23 PM A Former FBI Agent On Why It’s So Hard to Prosecute Gamergate Trolls
  Slate Plus
Slate Picks
Oct. 17 2014 1:33 PM What Happened at Slate This Week?  Senior editor David Haglund shares what intrigued him at the magazine. 
Oct. 19 2014 4:33 PM Building Family Relationships in and out of Juvenile Detention Centers
Future Tense
Oct. 17 2014 6:05 PM There Is No Better Use For Drones Than Star Wars Reenactments
  Health & Science
Space: The Next Generation
Oct. 19 2014 11:45 PM An All-Female Mission to Mars As a NASA guinea pig, I verified that women would be cheaper to launch than men.
Sports Nut
Oct. 16 2014 2:03 PM Oh What a Relief It Is How the rise of the bullpen has changed baseball.