MyDoom virus now targets Microsoft

The MyDoom worm continued to spread across the internet this week, clogging up email traffic and hurting productivity as a new…

The MyDoom worm continued to spread across the internet this week, clogging up email traffic and hurting productivity as a new variant emerged to target Microsoft's website, security experts said.

Computer security companies warned people not to open any suspicious attachments in official-looking email messages.

Since appearing earlier this week, the worm, also dubbed Novarg or Shimgapi, has infected computers across the globe by enticing users to open a file attachment that releases a program that potentially allows other attackers to gain unauthorised access.

Computer security vendor Symantec said that attackers were already trawling the Web for infected computers so that they could be used to launch new attacks and send spam to spread the virus further.

READ MORE

The financial damage from the virus-like program - from network slowdown to lost productivity - is already being measured in billions of dollars, according to experts.

The latest version of the worm is designed to flood Microsoft's website with requests for information in an attempt to bring it down, experts said.

This strategy is similar to that of the first version, which targeted the website of the SCO Group, the small software maker suing International Business Machines (IBM) over the use of code for the Linux operating system, they noted.

"It's interesting in that it potentially has a denial of service attack on Microsoft," said Mr Jimmy Kuo, a researcher at Network Associates McAfee anti-virus unit.

Mr Kuo said it was difficult to tell whether the variant, called "MyDoom.b", was spreading across the internet, or "in the wild."

So far, anti-virus companies have received and analysed the variant from only a few sources.

The MyDoom variant appeared to have other similar aspects to the first version, in that it exempts email addresses for US government agencies, some universities, and some computer security companies, including Symantec.

Computers running any of the latest versions of Microsoft's Windows operating system email program are at risk of being infected, although the worm does not exploit any flaws in Windows or its software.

Instead, MyDoom is designed to entice the recipient of an email to open an attachment with an .exe, .scr, .zip or .pif extension.

In response to the worm's targeting its website, SCO offered a $250,000 (€234,000) reward for "information leading to the arrest and conviction of those responsible for this crime".

SCO has drawn the ire of many Linux advocates for its claims that Linux software includes copyrighted code from the Unix operating system.

The attacks from infected computers on SCO and Microsoft are scheduled to begin on February 1st and continue to February . 12th. - (Reuters)