Russia likely origin of Mydoom worm

Russia is 80-percent likely to be the origin of the Mydoom computer worm, which has become the worst ever Internet epidemic.

    The worm could be an attempt to distribute spam mail

    A top Russian anti-virus firm said on Friday it had traced the first emails infected with Mydoom to addresses with Russian internet providers and it adds, the worm could be an attempt to distribute spam mail.

    "We have special software to monitor Internet traffic across the world. This detected that the first emails infected by the worm came from Russian providers," Denis Zenkin, spokesman for the Russian security firm Kaspersky Labs told AFP

    "But there is a still a 20-percent chance that this was an attempt to mislead. Virus programmers from other countries could have registered an email address in Russia and transmitted their harmful programmes via it," he said.

    Microsoft and SCO, the owner of the Unix operating system, have together offered $500,000 in rewards for information leading to the arrest and prosecution of Mydoom's creators.

    "This worm is a criminal attack," said Brad Smith, senior vice president and general counsel at the Microsoft software giant.

    Variant of version A

    MyDoom.B, detected on Wednesday, is a variant of the earlier released MyDoom.A worm, also known as the Novarg worm, which became the worst epidemic on the Internet.

    It installs a programme that directs infected computers to launch so-called denial-of-service attacks on Microsoft's main corporate website.

    Mydoom spreads through e-mail attachments and downloads from the popular Kazaa file-sharing service, which lets Internet surfers share content such as games, movies and music.

    California-based Panda Software said Mydoom.A was still spreading rapidly, even though individual computer users may be seeing fewer infected e-mails.

    It said one in every five e-mails is carrying this worm, making four million infected e-mails in circulation and slowing down Internet traffic around the world.

    The virus has attacked Windows
    based machines

    Junk mail

    An expert from Kaspersky Labs, Alexander Gostiyev, told a newsconference in Moscow that the creators of the virus were not aiming to disrupt Internet traffic but use infected computers to distribute unsolicited junk mail.

    The attack "was very well planned and prepared, perhaps for several months' and at least 1000 computers were infected in advance," Gostiyev said.

    "The virus could be of use above all to criminal groups seeking to distribute spams," he added.

    Commercial footing

    Another representative of the Internet security firm said that the generation of computer experts in Russia who unleashed viruses in the 1990s merely wanted to create havoc but this was no longer the case.

    "The virus creators have moved onto a commercial footing. They are financed by groups which make their money from spam," Alexei Zernov told AFP.

    Kaspersky Labs describes itself as one of the world's top 10 anti-virus firms and has offices in nine countries including the United States, Germany, Britain, Japan and France.

    According to the security firm, some 600,000 or so computers have been infected by the bug.

    SOURCE: AFP


    YOU MIGHT ALSO LIKE

    Why some African Americans are moving to Africa

    Escaping systemic racism: Why I quit New York for Accra

    African-Americans are returning to the lands of their ancestors as life becomes precarious and dangerous in the USA.

    Why Jerusalem is not the capital of Israel

    Why Jerusalem is not the capital of Israel

    No country in the world recognises Jerusalem as Israel's capital.

    North Korea's nuclear weapons: Here is what we know

    North Korea's nuclear weapons