MyDoom knocks down U.S. Web site
|WHAT IS A WORM?
A program that makes copies of itself -- for example, from one disk drive to another, or by copying itself using e-mail or another transport mechanism.
|WARD OFF WORMS
Aside from installing anti-virus software, Symantec suggests these tips to guard against computer worms:
Don't open e-mail from an unknown source.
Only open expected e-mail attachments.
Don't automatically open e-mail attachments.
Don't download programs from Web sites, unless you know and trust the source.
Update your anti-virus software at least every two weeks.
SEATTLE, Washington (Reuters) -- The MyDoom Internet worm has knocked down the Web site of a software company by bombarding it with a flood of data as Microsoft Corp. prepared for a similar, planned attack by the virus-like program this week.
The SCO Group Inc., a software company that has drawn the ire of Linux advocates for trying to collect license fees for the freely available software system, confirmed MyDoom had knocked its Web site, http://www.sco.com, out of commission.
After defending the site in the early stage of the attack, SCO shut its site down entirely.
"Rather than try to continue to fight, we felt it was more advantageous to bring the site down and make that bandwidth available or other users," SCO spokesman Blake Stowell said Sunday.
He added SCO and Microsoft, which is being targeted by a variant of the MyDoom worm, have each offered a bounty of $250,000 for information leading to the capture of the author of the malicious program. (Full story)
The world's largest software maker said was it preparing for an attack by the variant worm, called MyDoom.B, which security experts have said will happen on Tuesday.
"Microsoft remains diligent," a company spokesman said.
The speed and severity of the attack surprised security officials, although there were no other reports of outages or slowdowns elsewhere online due to the worm.
But experts warned that the main threat remained to unsuspecting recipients of the worm, which spreads by spamming itself to millions e-mail accounts around the globe.
"At this particular point people shouldn't lose sight of the fact that the virus is still spreading," said Vincent Gullotto, vice president of the anti-virus emergency response team at Network Associates Inc.
Will it get worse?
MyDoom.A, also known as Novarg or Shimgapi, emerged nearly a week ago in the form of a spam e-mail message that contained a well-disguised virus attachment and has been described as the most-damaging attack since last summer's twin Blaster and SoBig outbreaks.
MyDoom was programmed to take control of unsuspecting computer users' PCs from which it launched a debilitating denial-of-service attack on SCO on Sunday.
SCO has drawn the ire of the so-called "open source" programming community who object to the company's claim that it has copyright control over key pieces of the Linux operating system.
The MyDoom attack trigger was set for 1609 GMT on Sunday.
But with so many computer clocks incorrectly set, the infected machines began firing off data requests at SCO.com hours earlier, said Mikko Hypponen, research manager at Finnish anti-virus firm F-Secure.
"It will only get worse for SCO as time goes on," Hypponen added.
The MyDoom.B variant, which is also programmed to attack SCO, has not spread nearly as rapidly as MyDoom.A. MyDoom.A is believed to have infected more than one million personal computers.
Security officials have warned computer users to delete suspicious e-mail messages that appear to come from "Mail Administrator" and other official-looking addresses that contains a file attachment.
Copyright 2004 Reuters
. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.