p2pnet - rss feed: New Mydoom bug poised to strike
Mydoom.b, a new, far more dangerous version of Mydoom.a that’s causing so much trouble, is scheduled to launch a DoS attack between February 1 and February 12, says a Russian security company.
Once again, SCO is the target, but this time it’s joined by Microsoft and, “the worm modifies the operating system to prevent users from reaching many anti-virus vendors’ sites, security-related news sites and various sections of the Microsoft site, as well as downloading data from banner networks,” says Kaspersky Labs, a Russian information security software developer which discovered the variation.
Slated to hit www.sco.com and www.microsoft.com, Mydoom.b is probably using machines infected by the original Mydoom, “which could mean as many as 600,000 units,” says Kaspersky.
“These infected computers may have received a command to send out copies of Mydoom.b. Therefore, the computer community may be facing a much more serious outbreak than the one caused by Mydoom.a yesterday.”
The new Mydoom contains minimal technical innovations and also spreads via email and the KaZaA file-sharing network.
But, the email contains a different set of text strings in the body, says Kaspersky, adding:
“The carrier file is about 28 KB in size and contains the text string: ’sync-1.01; andy; I’m just doing my job, nothing personal, sorry’.
SCO Group says it’s working with US law enforcement authorities, including the Secret Service and the FBI, to try to find out who’s behind the Mydoom attack and is offering a $250,000 bounty for the identity of the author.
