Russia likely origin of Mydoom worm

Russia is 80-percent likely to be the origin of the Mydoom computer worm, which has become the worst ever Internet epidemic.

    The worm could be an attempt to distribute spam mail

    A top Russian anti-virus firm said on Friday it had traced the first emails infected with Mydoom to addresses with Russian internet providers and it adds, the worm could be an attempt to distribute spam mail.

    "We have special software to monitor Internet traffic across the world. This detected that the first emails infected by the worm came from Russian providers," Denis Zenkin, spokesman for the Russian security firm Kaspersky Labs told AFP

    "But there is a still a 20-percent chance that this was an attempt to mislead. Virus programmers from other countries could have registered an email address in Russia and transmitted their harmful programmes via it," he said.

    Microsoft and SCO, the owner of the Unix operating system, have together offered $500,000 in rewards for information leading to the arrest and prosecution of Mydoom's creators.

    "This worm is a criminal attack," said Brad Smith, senior vice president and general counsel at the Microsoft software giant.

    Variant of version A

    MyDoom.B, detected on Wednesday, is a variant of the earlier released MyDoom.A worm, also known as the Novarg worm, which became the worst epidemic on the Internet.

    It installs a programme that directs infected computers to launch so-called denial-of-service attacks on Microsoft's main corporate website.

    Mydoom spreads through e-mail attachments and downloads from the popular Kazaa file-sharing service, which lets Internet surfers share content such as games, movies and music.

    California-based Panda Software said Mydoom.A was still spreading rapidly, even though individual computer users may be seeing fewer infected e-mails.

    It said one in every five e-mails is carrying this worm, making four million infected e-mails in circulation and slowing down Internet traffic around the world.

    The virus has attacked Windows
    based machines

    Junk mail

    An expert from Kaspersky Labs, Alexander Gostiyev, told a newsconference in Moscow that the creators of the virus were not aiming to disrupt Internet traffic but use infected computers to distribute unsolicited junk mail.

    The attack "was very well planned and prepared, perhaps for several months' and at least 1000 computers were infected in advance," Gostiyev said.

    "The virus could be of use above all to criminal groups seeking to distribute spams," he added.

    Commercial footing

    Another representative of the Internet security firm said that the generation of computer experts in Russia who unleashed viruses in the 1990s merely wanted to create havoc but this was no longer the case.

    "The virus creators have moved onto a commercial footing. They are financed by groups which make their money from spam," Alexei Zernov told AFP.

    Kaspersky Labs describes itself as one of the world's top 10 anti-virus firms and has offices in nine countries including the United States, Germany, Britain, Japan and France.

    According to the security firm, some 600,000 or so computers have been infected by the bug.



    Interactive: Coding like a girl

    Interactive: Coding like a girl

    What obstacles do young women in technology have to overcome to achieve their dreams? Play this retro game to find out.

    Why America's Russia hysteria is dangerous

    Why America's Russia hysteria is dangerous

    The US exaggerating and obsessing about foreign threats seems quite similar to what is happening in Russia.

    Heron Gate mass eviction: 'We never expected this in Canada'

    Hundreds face mass eviction in Canada's capital

    About 150 homes in one of Ottawa's most diverse and affordable communities are expected to be torn down in coming months