New worm seeks to attack Microsoft

Hackers have developed a new version of powerful Mydoom internet worm that attempts to use infected computers to launch attacks aimed at shutting down Microsoft's main website, experts said Monday.

    Ero Carrera cracked the Mydoom virus in two hours

    The security firm F-Secure said the new worm, dubbed Doomjuice or Mydoom.C, spreads between computers that are already infected with the original Mydoom.A worm.

    The original Mydoom worm had infected more than one million computers worldwide at its peak in late January and highlighted the vulnerability of the internet to infections that allow affected computers to be controlled for hacker attacks.

    Doomjuice uses the so-called "backdoor" program installed by Mydoom.A that allows a hacker to gain access to an infected computer, F-Secure said.

    "To locate machines with the backdoor open, Doomjuice scans random IP (Internet Protocol) addresses... If the port is open the worm sends itself in a specially crafted package that makes the Mydoom.A infected machine execute the file thus infecting it with Doomjuice too."

    Doomjuice triggers a so-called denial of service (DDoS) attack against by trying to overload the site with information requests.

    "In order to overload the worm starts 16-80 parallel threads that connect to the website and try to download the main page in an infinite loop," F-Secure said.

    Second version

    Mydoom.B, the second version of the worm, also launched an attack on Microsoft, but failed to shut down the website. Mydoom.A shut down the site of SCO, owner of the Unix operating system.

    The British-based security firm mi2g said that Microsoft's website "has been intermittently inaccessible on a few occasions from major North American, European and Asian cities on Saturday and Sunday as MyDoom continued to spread relentlessly and MyDoom.b upgraded MyDoom.a infected machines."

    "MyDoom is still out there and spreading," said mi2g's DK Matai.

    "It has picked up momentum in the last 48 hours once again. This is a dangerous global epidemic. There are over a million computers still infected that have their backdoors open and they are being upgraded to MyDoom.b which targets Microsoft."



    Interactive: Coding like a girl

    Interactive: Coding like a girl

    What obstacles do young women in technology have to overcome to achieve their dreams? Play this retro game to find out.

    Heron Gate mass eviction: 'We never expected this in Canada'

    Hundreds face mass eviction in Canada's capital

    About 150 homes in one of Ottawa's most diverse and affordable communities are expected to be torn down in coming months

    I remember the day … I designed the Nigerian flag

    I remember the day … I designed the Nigerian flag

    In 1959, a year before Nigeria's independence, a 23-year-old student helped colour the country's identity.