Like its predecessors, MyDoom.F has its own SMTP engine and spreads through e-mail attachments, and is programmed to launch denial of service attacks on web sites. The DDoS component of MyDoom.F targets www.microsoft.com and www.riaa.com (the Recording Industry Association of America)MyDoom.F also opens a backdoor on the victim's computer, using port 1080. Some analyses suggest that it also opens a backdoor on multiple ports between 3000 and 5000 and disables antivirus software.
Widespread awareness of MyDoom-related threats has focused fresh attention on the basics of e-mail security, particularly regarding the opening of attachments. That should work to check the spread of MyDoom.F, as will its more destructive payload, which makes it harder for the malware's activity to go unnoticed for very long on compromised machines.