MyDoom Rips Through Internet
Homeland Security issued a 'cyber alert' the following day calling MyDoom the largest virus outbreak in history. The FBI has also launched an investigation into the origin of the virus and its maker.
During the viruses first day in existence, some email security companies claimed to have intercepted upwards of 60,000 messages infected with the Mydoom virus on an hourly basis. The virus is also known as Novarg and Shimgapi and comes with a Feb. 1 attack date against the SCO Group website, which claims to own the copyright to the Linux operating system.
According to security experts, MyDoom is programmed to send huge amounts of data to Utah-based SCO Group, which is currently in litigation with IBM Corp. over copyright infringement. SCO has drawn industry-wide criticism for its claim that Linux software includes copyrighted code from the Unix operating system. The lawsuit was filed in March 2003 and alleges that IBM was using Unix illegally.
Once a computer is infected with MyDoom, it allows hackers to gain access to the computer and use it as an eventual weapon against SCO on the determined date.
On its due date, the virus will launch a denial-of-service attack against SCO for 12-days, for reasons industry analysts attribute to the ire many webmasters feel toward SCO. Experts predict that the sheer volume of requests for information will most likely overload the site and shut it down.
The virus first appeared on Monday evening and hit the ground running the following morning when the majority of U.S. computer users opened up their email browsers at work or at home and unleashed what has so far proven to be an unstoppable variant.
The virus reportedly spreads in an email message that looks like an official corporate document but it appears to have been corrupted during the transmission process. The message urges the user to open the attached file.
According to Reuters, MyDoom sends itself to the email addresses it finds on the infected computer. It also adds random data to the address lists in order to generate an even larger volume of hostile traffic to the SCO site.
SCO has offered a $250,000 reward for the makers and disseminators of the virus.
"This one (MyDoom) is different and much more troubling, since it harms not just our company, but also damages the systems and productivity of a large number of other companies and organizations around the world," SCO's chief executive said in a statement. "We do not know the origins or reasons for this attack, although we have our suspicions. This is criminal activity and it must be stopped."
The most at-risk computers are those that are running on recent versions of Microsoft's email browsers.
MyDoom first originated in Eastern Europe, experts say. It has so far appeared in Canada, Japan, Latin America, Asia Pacific, and Europe.