January 28, 2004

$250K Reward for MyDoom Perp

The Standard reports that SCO offers $250,000 reward for arrest of Mydoom worm author. Software provider SCO Group is also recommending a Network Associates stand-alone utility targeting the MyDoom worm that is sweeping the Internet, reportedly slowing servers as it mobilizes infected computers for a DDOS attack on SCO scheduled to launch on February 1. Details of SCO's reward offer.


Posted by dougsimpson at January 28, 2004 02:06 PM | TrackBack

What does the virus do?

Posted by: Pennsylvania Insurance at February 14, 2004 05:03 PM

The Mydoom worm, also known as Novarg and Mimail.R, is a mass-mailing worm that arrives via e-mail as an attachment. When a user opens the attachment, his computer becomes infected. Infected computers then immediately mail out copies of the worm to the user's email list, so that it comes in to targets as an email from a known email address.

It has been learned that infected computers may become accessible to the originator of the worm in a manner enabling the originator to coordinate a Distributed Denial of Service (DDOS) attack on certain targets. Analysts found indications that SCO and Microsoft were the targeted companies. Both have been the subjects of recent controversy over intellectual property rights and development of Linux operating systems.

Since the original discovery of MyDoom in the wild, additional variations have been discovered. Some analysts suggest that the originator is testing 'improvements' on his creation, adjusting their approach as he/she learns from the responses of anti-virus efforts. See, for example, McAfee's page on MyDoom at: http://vil.nai.com/vil/content/v_100983.htm

Posted by: Doug Simpson at February 15, 2004 06:23 AM