New worm seeks to attack Microsoft

Hackers have developed a new version of powerful Mydoom internet worm that attempts to use infected computers to launch attacks aimed at shutting down Microsoft's main website, experts said Monday.

    Ero Carrera cracked the Mydoom virus in two hours

    The security firm F-Secure said the new worm, dubbed Doomjuice or Mydoom.C, spreads between computers that are already infected with the original Mydoom.A worm.

    The original Mydoom worm had infected more than one million computers worldwide at its peak in late January and highlighted the vulnerability of the internet to infections that allow affected computers to be controlled for hacker attacks.

    Doomjuice uses the so-called "backdoor" program installed by Mydoom.A that allows a hacker to gain access to an infected computer, F-Secure said.

    "To locate machines with the backdoor open, Doomjuice scans random IP (Internet Protocol) addresses... If the port is open the worm sends itself in a specially crafted package that makes the Mydoom.A infected machine execute the file thus infecting it with Doomjuice too."

    Doomjuice triggers a so-called denial of service (DDoS) attack against www.microsoft.com by trying to overload the site with information requests.

    "In order to overload www.microsoft.com the worm starts 16-80 parallel threads that connect to the website and try to download the main page in an infinite loop," F-Secure said.

    Second version

    Mydoom.B, the second version of the worm, also launched an attack on Microsoft, but failed to shut down the website. Mydoom.A shut down the site of SCO, owner of the Unix operating system.

    The British-based security firm mi2g said that Microsoft's website "has been intermittently inaccessible on a few occasions from major North American, European and Asian cities on Saturday and Sunday as MyDoom continued to spread relentlessly and MyDoom.b upgraded MyDoom.a infected machines."

    "MyDoom is still out there and spreading," said mi2g's DK Matai.

    "It has picked up momentum in the last 48 hours once again. This is a dangerous global epidemic. There are over a million computers still infected that have their backdoors open and they are being upgraded to MyDoom.b which targets Microsoft."

    SOURCE: AFP


    YOU MIGHT ALSO LIKE

    Revival: The Muslim Response to the Crusades

    Revival: The Muslim Response to the Crusades

    This part of 'The Crusades: An Arab Perspective' explores the birth of the Muslim revival in the face of the Crusades.

    Going undercover as a sex worker

    Going undercover as a sex worker

    A photojournalist describes how she posed as a prostitute to follow the trade in human flesh.

    Africa is not poor, we are stealing its wealth

    Africa is not poor, we are stealing its wealth

    It's time to change the way we talk and think about Africa.