Free Republic

PCs Used in Korean DDoS Attacks May Self Destruct There are signs that the concerted cyber attacks targeting U.S. and Korean government and commercial Web sites this past week are beginning to wane. Yet, even if the assaults were to be completely blocked tomorrow, the attackers could still have one last, inglorious weapon in their arsenal: New evidence suggests that the malicious code responsible for spreading this attack includes instructions to overwrite the infected PC's hard drive. Update: This is already happening. Please be sure to read the updates at the end of this post. Original post: According to Joe...

Hackers extracted lists of files from computers that they contaminated with the virus that triggered cyberattacks last week in the United States and South Korea, police in Seoul said Tuesday. The attacks, in which floods of computers tried to connect to a single Web site at the same time to overwhelm the server, caused outages on prominent government-run sites in both countries. The finding means that hackers not only used affected computers for Web attacks, but also attempted to steal information from them. That adds to concern that contaminated computers were ordered to damage their own hard disks or files...

It looked like Google’s stockmarket flotation might be derailed at the last minute by an interview in Playboy magazine that seemed to contravene listing rules. However, the Securities and Exchange Commission has reportedly given it the go-ahead, and the search-engine company could be valued at as much as $36 billion when its shares start trading later this week. Is it worth anything like that? GOOGLE’S founders, Larry Page and Sergey Brin, have always had an air of niceness about them: after all, Google was the first company to promise “not to be evil” in the prospectus for its initial public...

update Major Internet search engines were crippled Monday morning by a variant of the MyDoom worm, rendering Google inaccessible to many users and slowing results from Yahoo. The attack also affected smaller engines, including Alta Vista, a Yahoo subsidiary, and Lycos. Google representatives confirmed that the MyDoom worm affected performance of the search engine, but, despite numerous e-mail complaints received by News.com, said the attack had a limited impact. "At no point was the Google Web site significantly impaired, and service for all users and networks is expected to be restored shortly," the company said in a statement. A Lycos...

A NETCRAFT ALERT reveals that the SCO site is down, but whether that's because of a denial of service attack following the MyDoom virus or because the guys want some peace and quiet to watch a ball game is unclear. As the techie world+dog knows, the MyDoom virus not only clogged up corporate Windows databases but also had a trigger to get infected machines to try connect to SCO on the 1st of February. The later version of MyDoom, B, also included Microsoft in the list of sites to attack. Netcraft. µ

<p>A new Internet worm is burying businesses in e-mail. The appropriately named "Mydoom" is the fastest-spreading online outbreak in history. Estimates are that in its first two days Mydoom hit 142 countries, and was to be found in one in 12 e-mail messages. As many as 100,000 Internet-connected computers world-wide are infected, and more are becoming so all the time. If nothing changes, eventually a worm like Mydoom will cause serious damage. Perhaps a power grid will go down; or an air-traffic-control system will go awry; or a 911 system will collapse. It's only a matter of time.</p>

'80% chance' Mydoom originated in Russia January 30 2004 at 11:30AM Moscow - There is an 80 percent probability that the Mydoom computer worm - which as become the worst ever Internet epidemic - originated in Russia, according to a top Russian anti-virus firm. The Russian security firm Kaspersky Labs said it had traced the first emails infected with Mydoom to addresses with Russian Internet providers. "We have special software to monitor Internet traffic across the world. This detected that first emails infected by the worm came from Russian providers," the firm's spokesperson Denis Zenkin, told AFP. "But there is...

<p>Russian anti-virus specialist Kaspersky Labs has identified a variant of MyDoom, the worm that has been spreading through the Internet at a furious pace since Monday.</p> <p>The variant, which Kaspersky has labelled MyDoom.b, has a slightly larger payload compared with MyDoom.a and targets Microsoft Corp. for a denial-of-service attack to be launched starting on Feb. 1, instead of The SCO Group Inc. The worm features minor modifications to the text of the e-mail that carries it, but is otherwise identical to the original.</p>

The first copycat of the widespread Mydoom worm appeared Wednesday on the Internet, and some analysts are warning it may be even more dangerous than the original. Dubbed Mydoom.b by most security firms, the variant strongly resembles the Mydoom, now tagged as Mydoom.a, but adds some new disturbing traits. Some of the subject lines used by Mydoom.b depart from the original, including new headings of 'Delivery error' and 'Returned mail,' both which try to trick users into believing that the message is legit and can safely be opened. Another change in Mydoom.b is the addition of microsoft.com as a target...

SEATTLE, Jan 28 (Reuters) - A variant of the MyDoom worm has emerged as the most devastating virus since last summer, and is likely to target Microsoft Corp.'s Web site, security experts said on Wednesday. Since appearing earlier this week, the worm, also dubbed Novarg or Shimgapi, has infected computers across the globe by enticing users to open a file attachment that releases a program that potentially allows other attackers to gain unauthorized access. The financial damage from the virus-like program -- from network slowdown to lost productivity -- is already being measured in the billions of dollars, according...

SCO Offers Reward for Arrest and Conviction of Mydoom Virus Author SCO Offers Monetary Reward for Arrest and Conviction of Perpetrator of Damaging Mydoom Virus LINDON, Utah, Jan. 27 /PRNewswire-FirstCall/ -- The SCO Group, Inc. , the owner of the UNIX® operating system and a leading provider of UNIX-based solutions, today confirmed that it is experiencing a distributed Denial-of-Service attack. SCO announced that it is offering a reward of up to a total of $250,000 for information leading to the arrest and conviction of the individual or individuals responsible for creating the Mydoom virus. "During the past ten months...

A fast-spreading mass-mailing virus has emerged as an unlikely weapon in the ongoing 'Linux War' between the SCO Group (Quote, Chart) and the open-source community. Anti-virus experts have increased the threat level on the W32.Novarg.A@mm (MyDoom) virus, which is spreading like wildfire through e-mail in-boxes worldwide and is programmed to launch a massive distributed denial-of-service (DDos) attack against the SCO home page. "This one is pretty bad. It's widespread and it only looks to be increasing," said Chris Belthoff, a senior security analyst at Sophos, Inc. "This takes the Linux Wars to a new intensity. It appears that the author...

Antivirus firms warned on Monday of a new mass-mailing computer virus that had gained a foothold in a large number of PCs by masquerading itself as an e-mail error. The virus, dubbed MyDoom, arrives in an in-box with one of several different random subject lines, such as "Mail Delivery System," "Test," or "Mail Transaction Failed." The body of the e-mail contains an executable file and a statement such as: "The message contains Unicode characters and has been sent as a binary attachment." Antivirus firms were scrambling Monday afternoon to learn more about the virus, which started spreading at about 1...