Technically Speaking

This year’s digital virus is bigger and badder than the SoBig and Blaster viruses. Currently, Mydoom has a penetration of 1 in 17. Meaning that for every 17 emails sent through the net, 1 is infected. The virus isn’t suppose to peak until two days from now. Penetration should increase to somewhere under 1 in 10. This virus is so disruptive that The SCO Group is offering a bounty of $250,000 for the creator of Mydoom.

“Although Mydoom’s author may be sympathetic to the open source community’s case, and this may have been the reason they targeted SCO, responsible members of the community would never condone such illegal activity,” said Graham Cluley, senior technology consultant for Sophos.

“It is hoped that this reward may tempt the computer underground into ’spilling the beans’ about who might be responsible for this latest attack on all users of the internet.”

Mydoom, which only affects computers using Microsoft Windows, also spreads through file-sharing networks, like Kazaa, and installs a “back door” onto machines if launched.

This is a bit of software which allows a computer to be remotely controlled. It listens to commands sent over the net and acts on them.

An infected computer could allow attackers to get unauthorised access to a user’s machine and use it to bring down SCO’s website, according to security experts.

If I remember correctly, some poor teenager was caught and charged with distributing the SoBig variant virus. Despite the reward that was offered last time the original virus maker wasn’t caught. This makes me wonder whether there is honor among thieves!

MYDOOM DETAILS

• From: random e-mail address
  
• To: address of the recipient
  
• Subject: random words
  
• Message body: several different mail error messages, such as: Mail transaction failed. Partial message is available
  
• Attachment (with a textfile icon): random name ending with ZIP, BAT, CMD, EXE, PIF or SCR extension
  
• When a user clicks on the attachment, the worm will start Notepad, filled with random characters
  

This entry was posted on Wednesday, January 28th, 2004 at 11:18 pm and is filed under Digital Underground. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.