The mass mailing Windows worm, known variously as MyDoom, MiMail.R, Novarg and Shimg, emerged yesterday afternoon US Pacific Time, and started spreading as fast or faster than Klez, Code Red, Nimda, and other recent successful viruses.

At press time yesterday, anti-virus experts only had a rough idea of what MyDoom does and why it spread so quickly. It appears to be a regular mass-mailer, which requires the recipient to open a Zip file and run an executable to become infected.

We are still working on it, but based on what we’ve observed so far it definitely seems to have a component that does a denial-of-service attack against the SCO.com web site, said Brian Dunphy, director of global analysis for Symantec Corp.

SCO has become the target of many denial-of-service attacks over recent months due to its aggressive litigation campaign. The company is trying to enforce software copyright over the Linux operating system, annoying many developers.

If it is is having any kind of impact, it’s still in its infancy, said a SCO spokesperson. We do have experience on our side, but unfortunately if a denial-of-service attack is taking place there’s not a great deal you can do to prevent it from happening.

Once run, the worm seeks also out email addresses from the victim’s hard drive, forwards itself, and copies itself to the Kazaa shared files folder if the PC has the Kazaa file-sharing application installed.

There appears to be no other infection mechanism, which raises questions about how it could spread as fast as the Nimdas and Code Reds of the world, which required no user intervention to leap from machine to machine.

The body text of the MyDoom email looks like an error message, and the executable attachment is Zip-compressed and made to look like a text file. Possibly people are not as trained to not open up and run Zip files as they are other types of files, Dunphy said.

At press time last night the full picture of whether MyDoom will cause serious damage, or is just another flash-in-the-pan worm-du-jour, was not yet obvious. All the anti-virus companies had given the virus their highest or second-highest ratings.

This article is based on material originally published by ComputerWire