By Mike Musgrove Washington Post Staff Writer
Tuesday, July 27, 2004; Page E01
Many computer users were unable to reach the Google, Yahoo, Lycos and AltaVista search engines yesterday after a new computer virus surfaced that apparently overwhelmed the Internet services with automated queries.
Access to Google was blocked for as long as five hours, some users reported. Visitors attempting to reach the Web site instead received an error message: "The service you requested is not available at this time."
For Internet users, search engines are an indispensable tool for finding information and news scattered across seemingly innumerable Web pages.
"It was like going without power and having to use a candle," said Andy Beal, vice president of marketing at WebSourced Inc., a Web site promotion firm based in Morrisville, N.C. "Google has become so much a part of everyday life that I was lost without it."
Beal said he forgot the site was down and instinctively typed "Google and attack" into his browser's Google search box in an attempt to find news about the problem. When the Google site didn't work, he turned to Yahoo's search engine, which also didn't work on his computer.
Several search engine companies and computer security experts blamed the problem on MyDoom.m, the newest version of a virus that first appeared in January. The variant appeared in the morning and quickly infected thousands of computers, judging from Internet traffic monitored by computer security experts yesterday.
The virus circulates the Web disguised as an e-mail with various subject lines, such as "Mail System Error," or "Undeliverable Mail."
Many messages purported to come from the user's corporate e-mail or Internet service provider: "Your e-mail account was used to send a large amount of junk mail messages during this week," read one message bearing the malicious software. "We suspect that your computer was compromised and now contains a trojan proxy server."
The e-mail then urges the user to click on an attachment embedded in the missive. Users who do so unwittingly activate the worm, which often gives hackers remote access to the computer and also sends copies of the infected e-mail to everyone in the user's e-mail address book.
Unlike its predecessors, the newest variant apparently also was programmed to enter a portion of the addresses it found, the domain name after the "@" sign, into various search engines in an effort to collect further e-mail addresses.