Mydoom cripples US firm's website

[4me2]

<TABLE cellSpacing=0 cellPadding=0 width=629 border=0><TBODY><TR><TD colSpan=3>Mydoom cripples US firm's website




</TD></TR><TR><TD vAlign=top width=416><!-- S BO --><!-- S IIMA --><TABLE cellSpacing=0 cellPadding=0 width=203 align=right border=0><TBODY><TR><TD> The Mydoom virus tries to trick people into clicking on it



</TD></TR></TBODY></TABLE><!-- E IIMA -->The Mydoom e-mail worm has paralysed the website of US software firm SCO, in a massive denial of service attack.


The company - which owns the Unix operating system - said the virus was "overwhelming the internet with requests to www.sco.com".

Both SCO and Microsoft have offered $250,000 rewards each for help to catch the author of the worm - the fastest-spreading virus known so far.

A variant of the virus is expected to attack Microsoft's site from Tuesday.

The first version of the virus, Mydoom.A - also known as Novarg or Shimgapi - emerged last Monday in the form of a spam e-mail message that contained a well-disguised virus attachment.

<!-- S IBOX --><TABLE cellSpacing=0 cellPadding=0 width=208 align=right border=0><TBODY><TR><TD width=5></TD><TD class=sibtbg>MYDOOM DETAILS

From: random e-mail address
To: address of the recipient
Subject: random words
Message body: several different mail error messages, such as: Mail transaction failed. Partial message is available
Attachment (with a textfile icon): random name ending with ZIP, BAT, CMD, EXE, PIF or SCR extension
When a user clicks on the attachment, the worm will start Notepad, filled with random characters



<!-- S ILIN -->Q&A: Mydoom virus
<!-- E ILIN -->

</TD></TR></TBODY></TABLE><!-- E IBOX -->

Utah-based SCO said that by 0500 GMT on Sunday its website was flooded with requests beyond its capacity.

SCO has been involved in a legal row with the open-source community, after claiming versions of the Linux operating system used code it said it owned.

Mydoom.A is set to become ineffective on 12 February.

Experts say Mydoom.A and its successor, Mydoom.B, accounted for 30% of all e-mail traffic at their peak, beating all previously records for virus infections.

The worm - which opens up security holes - has left hundreds of thousands of computers vulnerable to hackers and spammers and the economic cost has been estimated at $26.1bn so far.

The BBC's Kevin Anderson in Washington reports that infections were still doubling daily over the weekend.



"While we expect this attack to continue throughout the next few weeks, we have a series of contingency plans to deal with this problem and we will begin communicating those plans on Monday morning," said Jeff Carlon, worldwide director of Information Technology infrastructure at SCO Group.

Backdoor access

The Mydoom e-mail attachment sends itself out to other addresses if opened, and may allow unauthorised access to computers.

<TABLE cellSpacing=0 cellPadding=0 width=208 align=right border=0><TBODY><TR><TD width=5></TD><TD class=sibtbg>PROTECT YOURSELF FROM VIRUSES

Install an anti-virus program.
Keep it up to date
Get the latest patches and updates for your operating system
Never automatically open e-mail attachments
Download or purchase software from trusted, reputable sources
Make backups of important files


</TD></TR></TBODY></TABLE><!-- E IBOX -->

It only affects computers using Microsoft Windows and also spreads through file-sharing networks, like Kazaa, installing a "backdoor" onto machines if launched. An infected computer could allow attackers to get unauthorised access to a user's machine and use it to bring down websites, according to security experts. It does not take advantage of any flaws in Windows software. Instead, many of the e-mails appear to have been sent from organisations like charities or educational institutions, to fool recipients into opening it.


</TD></TR></TBODY></TABLE>


http://news.bbc.co.uk/1/hi/technology/3449931.stm