At least 50 students’ computers were infected with the MyDoom virus this week, after thousands of messages swarmed GW’s e-mail system and slowed delivery.
Messages infected with the worm, which have subject lines including “hi,” “hello” and “mail delivery system,” have traveled around the world in the past few days. Several universities’ and corporations’ systems were affected; some networks even shut down because of the virus.
University technology officials installed a filter in GW’s system Tuesday, which has already cleaned out more than 122,000 virus messages, said Krizi Trivisani, director of Systems Security Operations.
“That’s an astronomical number of viruses (in one day),” Trivisani said.
When students receive an apparent MyDoom-infected e-mail on GW’s system, the message should read “The uncleanable file is deleted” at the bottom of the message, meaning it has been filtered and is not dangerous. Students checking mail on other systems, such as Yahoo! or American Online, could still have their computers infected.
But the worm can only infect computers if users double-click on an attachment in the e-mail.
“(You’re) receiving a clean version of the worm,” Trvisani said. “Our virus filters found this worm, scrubbed it and you have not received it.”
However, new versions of the worm could pop up, meaning users might be unprotected until the proper anti-virus software is created. Software is available for free by visiting http://cmail.gwu.edu and following directions on the right side of the screen.
Some variants of the worm launch the Notepad function and show random characters. The worm replicates itself simultaneously, installing a program that allows hackers to break in and record everything typed on the computer, including passwords, Social Security numbers and credit card numbers, according to CNN.
The worm can also send out messages to other people in a user’s address book.
Trivisani said students should be cautious of e-mails from strangers.
“The best rule of thumb (is), if you don’t know what it is or it looks suspicious, get rid of it,” she said.
Students can also get the worm from peer-to-peer sharing systems such as Napster or KaZaA, Trivisani said.
“Don’t download any copyrighted material,” she advised. “Not only could you get in trouble; you could get this worm, and it wouldn’t be pretty.”
Other universities noted an increase in e-mail traffic since the worm started spreading.
Angel Cruz, information security officer at the University of Texas-Austin, said the university’s e-mail system initially slowed down, but infected messages are currently being deleted. He said about 25,000 virus messages are erased per hour.
Lance Hoffman, a GW computer science professor, said the worm’s spread highlights the Internet’s lack of safeguards against viruses. He compared the Internet to a 1900s-era car that has no airbags, brakes or seatbelts.
“That’s where we are with the net, and that’s the problem,” he said. “We don’t have the (security) mechanisms built in yet.”
Some GW students said the worm is tricky because messages look like they come from friends, and they clog up their boxes.
“If I don’t recognize the e-mail address, then I don’t open it, but some of the subjects are really deceiving,” sophomore Courtney Casciano said.
“I have gotten over 30 e-mails with the viruses in them, and I open them because they are from gwu.edu addresses and the subjects are ‘hi,'” senior Xan Sabini said. “Luckily they have not infected my computer yet because I delete them.”
Trivisani said she does not know where the virus came from, but experts outside GW are working to figure it out.
-Michael Barnett and Rachel Zavala contributed to this report.
