[3] Speculative early coverage held that the sole purpose of the worm was to perpetrate a distributed denial-of-service attack against SCO Group.

Since then, it has been likewise rejected by law enforcement agents investigating the virus, who attribute it to organized online crime gangs.

Mydoom was named by Craig Schmugar, an employee of computer security firm McAfee and one of the earliest discoverers of the worm.

Mydoom avoids targeting e-mail addresses at certain universities, such as Rutgers, MIT, Stanford and UC Berkeley, as well as certain companies such as Microsoft and Symantec.

The original version, Mydoom.A, is described as carrying two payloads: A second version, Mydoom.B, as well as carrying the original payloads, also targets the Microsoft website and blocks access to Microsoft sites and popular online antivirus sites by modifying the hosts file, thus blocking virus removal tools or updates to antivirus software.