Sign Up: Free Daily Tech E-letter  
Technology Home
Washtech
Tech Policy
Government IT
Markets
Columnists
Personal Tech
Special Reports
Jobs

Advertisement

SCO Debuts New Site as MyDoom Aims at Microsoft

Advertisement



_____Cybersecurity_____
Microsoft Patch Foils 'Phishing' Scam (washingtonpost.com, Feb 2, 2004)
Computer Virus Hits Utah Software Firm (The Washington Post, Feb 2, 2004)
Microsoft Offers Reward For Worm Authors (washingtonpost.com, Jan 29, 2004)
More Security News
E-Mail This Article
Print This Article
By Bernhard Warner
Reuters European Internet Correspondent
Tuesday, February 3, 2004; 7:01 AM

LONDON -- The SCO Group Monday launched a new Web site, a day after the super-potent MyDoom computer worm knocked the American software firm clean off the Internet.

The surprising severity of the MyDoom attack has sent a shiver through the Internet security community. In marshalling an army of zombie PCs -- many of whom are unsuspecting home computer users -- to silence an online target, MyDoom represents a new level of cyber warfare, security officials said.

"With such a program you could really take out any major Web site on the Internet," said Raimund Genes, European president of security software firm Trend Micro. "This is a form of electronic warfare. It's not terrorism, but it is somebody who is obviously upset with SCO."

The Utah-based SCO has drawn the ire of advocates of the Linux computer operating system which is a rival to both SCO's Unix and Microsoft's Windows. But Linux was developed by volunteer programmers and can be downloaded for free.

Linux advocates object to SCO's attempts to collect license fees for the freely available software leading some security experts to surmise MyDoom is the work of a cyber protester.

Microsoft Corp, another target of Linux advocates, is next in line to be hit by the worm. A variant, known as MyDoom.B, is programmed to unleash Tuesday a similar digital barrage on both SCO and Microsoft's http://www.microsoft.com.

MICROSOFT ON BETTER GROUND

Security experts are more confident Microsoft.com will withstand the onslaught as its considered one of the most stable sites on the Internet. Also, MyDoom.B has infected far fewer machines than the original MyDoom.A outbreak.

Still, the two firms have dangled separate $250,000 bounties on the heads of the virus writers and are working with various law enforcement authorities to flush out the culprit.

Monday, SCO launched http://www.thescogroup.com as a temporary Web site until the digital barrage on http://www.sco.com ceases.

"We expect hundreds of thousands of attacks on www.sco.com because of these viruses. Starting on Feb.1 and running through Feb.12, SCO has developed layers of contingency plans to communicate with... customers, resellers, developers, partners and shareholders," the company said in a statement.

ADDING SPAM TO THE MIX

Microsoft said at the weekend it had been preparing for an attack from MyDoom.B. Both MyDoom.A and MyDoom.B are programmed to take over a computer and use it as a launching pad to send a withering barrage of data requests to the companies' sites.

Experts continued to warn the worm was still on the prowl for still more machines to infect. It spreads by spamming itself to millions of e-mail accounts around the globe.

Monday, MyDoom.A was not spreading as rapidly. But it was still churning out a massive volume of spam e-mails searching for machines to infiltrate, said UK-based security firm MessageLabs, which had stopped more than 16 million MyDoom-generated e-mail messages to date. MyDoom.A, also known as Novarg or Shimgapi, emerged nearly a week ago in the form of a spam e-mail message that contained a well-disguised virus attachment. It has been described as the most-damaging attack since last year's twin Blaster and SoBig outbreaks.

MyDoom.A is believed to have infected more than one million personal computers, each capable of sending out hundreds of bogus e-mail messages continuously to addresses found on the computer. The logjam of traffic continued to bog down e-mail servers across the Internet.

Security officials have warned computer users to delete suspicious e-mail messages that appear to come from "Mail Administrator" and other official-looking addresses that contain a file attachment.


TechNews.com Home

© 2004 Reuters

Company Postings: Quick Quotes | Tech Almanac
About TechNews.com | Advertising | Contact TechNews.com | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication