Technology firm, Symantec, has warned that computer systems affected by the MyDoom virus remain vulnerable to follow-on attacks.
The company, which produces anti-virus software, says the virus contains a mechanism to maintain a list of all known infected systems. The worms is generally spread by email.
It says the worm which has disrupted some of the world's most popular search engines, including Google, "permits the author to rapidly and automatically update all Mydoom-infected systems with new arbitrary malicious code". The firm said its security response team is currently investigating the "functionality" available within these worms.
Symantec experts believe that the worm's code writer is using these threats to inject other new malicious code "into the wild".
Senior director of Symantec Security Response team, Mr Alfred Huger said: "Due to the recent release and widespread infection rate of the Mydoom worm, we believed that computers infected with [it] may have been used as a form of peer-to-peer seed network, explaining why [it] became a high-profile worm so rapidly".
"This process would simply require the author to upload Mydoom to one infected host and have it read the stored IP list and upload itself to other systems."
Yesterday, another world leader in software, Computer Associates warned computer users to beware of emails with subject lines such as hello, hi, error, status, test, report, delivery failed, Message could not be delivered, Mail System Error - Returned Mail, Delivery reports about your e-mail, Returned mail: see transcript for details, and Returned mail: Data format error.
