Posted on 01/26/2004 5:45:19 PM PST by Golden Eagle
New virus infects PCs, whacks SCO
By Robert Lemos
A mass-mailing virus that quickly spread around the Internet on Monday is compromising computers so they attack the SCO Group's Web server with a flood of data, according to antivirus companies.
The virus--known as MyDoom, Novarg and as a variant of the Mimail virus by different antivirus companies--arrives in an in-box with one of several different random subject lines such as "Mail Delivery System," "Test" or "Mail Transaction Failed." The body of the e-mail contains an executable file and a statement such as: "The message contains Unicode characters and has been sent as a binary attachment."
"It's huge," said Vincent Gullotto, a vice president in security software maker Network Associates' antivirus emergency response team. "We have it as a high-risk outbreak."
In one hour, Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses, Gullotto said. One large telecommunications company has already shut down its e-mail gateway to stop the virus.
Once the virus infects a PC, it installs a program that allows the computer to be controlled remotely. The PC then starts sending data to the SCO Group's Web server, a Symantec spokesman said.
The SCO Group has incurred the wrath of the Linux community for its claims that important pieces of the open-source operating system are covered by SCO's Unix copyrights. IBM, Novell and other Linux backers strongly dispute the claims.
SCO technicians couldn't immediately confirm that a denial-of-service attack had begun. By 4 p.m. PST, the company's Web site was slow to load, a SCO spokesperson acknowledged, but the site was still accessible from the World Wide Web.
SCO's Web site was taken offline by such denial-of-service attacks a handful of times in the last year. In the past, the company has blamed Linux sympathizers for at least one of the attacks.
Antivirus companies were scrambling on Monday afternoon to learn more about the virus, which started spreading about noon PST.
"A lot of the information is encrypted, so we have to decrypt it," said Sharon Ruckman, a senior director in antivirus software maker Symantec's security response center. Symantec has had about 40 reports of the virus in the first hour, a high rate of submission, Ruckman said.
In fact, NO. That's a strawman and a non sequitur all rolled up together.
My point about this virus, as with most virii, is that they feed off the vulnerabilities of a POPULAR O/S: Windoze.
Get over yourself. I don't "blame" this on Microsoft, (like you BLAMED this on Linux advocates.)
If you insist on the analogy, then do it correctly.
When a gun is used to intentionally kill someone, it is not defective, and there should be no liability for the manufacturer. But, when a shoddy gun explodes because of a material defect in the hands of a user at a gun range, then the manufacturer should be liable.
If a hacker uses a Microsoft server to launch attacks on SCO, then there should be no liability for Microsoft. But when Microsoft knowingly ships defective software to innocent folks that can be "exploded" remotely in the face of the user, then maybe they do deserve some liability.
If it turns out that all Kwikset Deadbolt locks had a secret skeleton key that opens them all, and burglars found out about it, shouldn't Kwikset be responsible at a minimum, for replacing those vulnerable locks?
WHO is very obviously a victim?
I am not in a hurry to do anything but attribute the slowdown in net-traffic due to MyDoom worm between the criminals (the hackers) and their preferred platform (Windows machines.)
I am NOT indicting Microsoft like YOU are indicting Linux aficionados.
If Microsoft is a victim, then it is of their own making.