Home / MyDoom is here to stay

MyDoom is here to stay

While Microsoft and SCO seem to have weathered the worst of the storm of denial-of-service attacks launched by the MyDoom worms, experts are warning it’s not all over yet.

While Microsoft and SCO seem to have weathered the worst of the storm of denial-of-service attacks launched by the MyDoom worms, experts are warning it’s not all over yet.

Although both MyDoom.A and its less widespread variant MyDoom.B are programmed to “self-terminate” on 12 February, they leave a “back door” on infected machines, allowing them to be used for other attacks, research firm Gartner warned yesterday.

“Don’t make the mistake of believing that the threat from the MyDoom outbreak is limited to high-profile targets such as SCO and Microsoft – or that the threat will end on a particular date,” Gartner said in a report. “MyDoom has created an army of “zombies”: remote PCs that can be used to execute attackers’ future commands. These attacks will likely continue after 12 February 2004, and the threat will not end until the MyDoom executable has been removed from all machines.”

MyDoom.A has been dubbed the worst-ever internet virus, and it succeeded in its aim of disabling the SCO corporate web site with a massive denial-of-service attack over the weekend. The Unix vendor has been forced to remove its web site from the internet domain name system, and redirect users to a new URL.

While MyDoom.B was programmed to launch denial-of-service attacks at both SCO and Microsoft’s sites, its relatively low proliferation meant the second attack had very little impact, and Microsoft said it had successively contained the threat as of yesterday. Both companies have offered a $250,000 cash reward for information leading to the capture of the virus writers, believed to be the same for both variants.

Gartner recommends that enterprises immediately take steps to block the threat of MyDoom. Companies should ensure that their internet firewalls block the targeted internet ports (3198 through 3217); scan all network-connected PCs to identify and remove the MyDoom executable; and encourage employees to scan their personal systems using free tools available online.

Last year’s MSBlast worm has been lingering on many home users’ PCs, causing network congestion. On New Year’s Eve last year, Microsoft released a tool to help users remove it from their systems.

To avoid future virus attacks Microsoft recommends that users use an internet firewall on any PC or laptop connected to the internet, keep their system updated with the latest security updates, and make sure that up-to-date security software is installed.

Follow us to get the most comprehensive technology news in UAE delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.

CHANNEL AWARD 2018