Skip to main content International
The Web      Powered by

MyDoom worm spreads as attack countdown begins

Variant emerges, targets Microsoft

Variant emerges, targets Microsoft

Story Tools

more video VIDEO
CNN technology correspondent Daniel Sieberg assesses the threat of the e-mail virus 'MyDoom.'
premium content
Have you taken precautions against the MyDoom email virus?
What virus
A program that makes copies of itself -- for example, from one disk drive to another, or by copying itself using e-mail or another transport mechanism.
Aside from installing anti-virus software,  Symantec suggests these tips to guard against computer worms:

•Don't open e-mail from an unknown source.

•Only open expected e-mail attachments.

•Don't automatically open e-mail attachments.

•Don't download programs from Web sites, unless you know and trust the source.

•Update your anti-virus software at least every two weeks.

Source: Symantec
Computer Worm
Computer Security
Computing and Information Technology

LONDON, England (Reuters) -- Security experts warned on Thursday the fast-spreading MyDoom virus would plague e-mail users for some time as it counts down to a mammoth digital attack next week on Microsoft and software firm SCO Group Inc.

For a fourth consecutive day, Internet service providers and corporations were bogged down by a crush of infected e-mails.

Security experts said as many as one in three e-mails in circulation was triggered by MyDoom.A, making it the fastest spreading Internet contagion ever.

"We are seeing companies struggling with this as they cannot clear the viruses quickly enough," said Graham Cluley, technology consultant for anti-virus and anti-spam firm Sophos Plc. "This one will be with us for a while."

Meanwhile, sleep-deprived security experts said they were largely powerless to stop the virus's coordinated digital attacks, timed to hit Web sites for SCO on Sunday and Microsoft on Tuesday, security officials said.

"It's very difficult for anti-virus firms to react in these scenarios. We're always going to be on the back foot," said Paul Wood, chief information analyst for British-based e-mail security firm MessageLabs.

Machines turned into zombies

Since appearing this week, the MyDoom.A worm, also dubbed Novarg or Shimgapi, has infected computers across the globe by enticing users to open a file attachment that releases a program capable of taking over a victim's computer.

Once hit, the program scours the Web for more computers to infect. MyDoom.A is programmed to send spam e-mails to spread the infection further and marshal an army of infected machines to knock SCO's Web site offline on Sunday.

On Wednesday, a second variant dubbed MyDoom.B, appeared. It spread less quickly, but carried a program timed to unleash attacks on SCO and Microsoft. Also, it prevented access to anti-virus sites where patches for the bug are available.

Computer security companies continued to warn people not to open any suspicious attachments in e-mail messages.

Since the worms often appear as error messages from "Mail Administrators" and other official-looking addresses, many people inevitably open the attachment after finding minimal information in the message.

Computers running any of the latest versions of Microsoft's Windows operating system are at risk of being infected, although the worm doesn't exploit any flaws in Windows or software.

Instead, MyDoom is designed to entice the recipient of an e-mail to open an attachment with an .exe, .scr, .zip or .pif extension.

In the firing line

The financial damage from the outbreak -- from network slowdown to lost productivity -- is difficult to measure, but is assumed to be billions of dollars, according to experts.

For the ordinary computer user, MyDoom's toll will be measured in bounced e-mails and an inability at times to enter your inbox as ISPs seek to filter out bogus traffic.

For Microsoft and SCO, their Web sites are once again in the firing line.

SCO, a small Utah-based software maker suing International Business Machines Corp. over the use of code for the Linux operating system, has been the target of denial-of-service attacks in the past by apparent pro-Linux protesters.

Last year, Microsoft's site for software upgrades was permanently moved to a new Web address to avert a similar onslaught triggered by the Blaster worm.

SCO this week issued a $250,000 bounty for information leading to the arrests of the authors of MyDoom. In November, Microsoft offered two $250,000 rewards for tips leading to the arrest of the Blaster and SoBig virus writers.

Some security experts theorized that the MyDoom variants were written by the same individual or group, but had no solid clues on their whereabouts.

Copyright 2004 Reuters. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Story Tools
Click Here to try 4 Free Trial Issues of Time! cover
Top Stories
Burgers, lattes and CD burners
Top Stories
EU 'crisis' after summit failure

On CNN TV E-mail Services CNN Mobile CNN AvantGo CNNtext Ad info Preferences
   The Web     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser. does not endorse external sites.
 Premium content icon Denotes premium content.