Mimail Damage Mounts

The Mimail virus is making its way up the ranks of the most damaging viruses and worms to date, according to a security firm that keeps track of malware.

Mimail is currently the fifth most damaging malware in a malware damage database maintained by the U.K.-based mi2g Intelligence Unit. Worldwide economic damage from Mimail is estimated at $8.85 billion worth of productivity losses and business interruption, according to mi2g, a digital risk assessment firm.

Mimail now trails only Sobig, Klez, Yaha and Swen in the rankings of the most damaging viruses and worms, according to mi2g. Mimail, which affects only Windows users, has seen a huge surge in damage from the last two of its 10 variants. Mimail.J and Mimail.I both appeared in the last week.

MessageLabs, an e-mail security services company, put out a high-level warning this week alerting customers to the dangers of the Mimail.J variant. "[The] extent of Mimail.J overtakes other variants of the worm," MessageLabs wrote in its alert.

The worm arrives as an attachment with a forged sender address, in many cases appearing to have come from PayPal, the payment service for the popular Ebay auction site.

The executable attachment launches a program that instructs users to update their PayPal account with a credit card number, social security number and mother's maiden name. According to mi2g, the Mimail method is more sophisticated than similar previous efforts, which sent victims to a Web page to fill in their information. In those cases, victimized companies could pressure ISPs to shut down the Web site.

"Five years ago hackers and virus writers carried out most of the attacks to demonstrate intellectual prowess. The metamorphosis in motives has definitely been towards financial fraud and extortion activity," DK Matai, mi2g executive chairman, said in a statement.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Microsoft Bolsters Windows IoT with NXP and SQL Server Support

    Microsoft's Internet of Things (IoT) product line is continuing to grow, with a few new developments highlighted this week.

  • Tamper Protection Now Available to Microsoft Defender ATP Subscribers

    The Microsoft Defender Advanced Threat Protection (ATP) E5 subscription plan now has an optional "tamper protection" security feature, Microsoft announced on Monday.

  • Exploring OCR, a New Way To Get Data into Excel

    Microsoft recently added a new optical character recognition feature to Excel that lets users import data from a photograph taken from a smartphone. Here's how to use it.

  • Microsoft Authenticator App To Get Real-Time Phishing Protections

    Microsoft is working on adding capabilities to its Microsoft Authenticator app to help defeat security breaches enabled by advanced attack techniques, including phishing and man-in-the-middle methods.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.