NEWS A new version of the mass-mailing MyDoom virus has hit the net, aiming data attacks at Microsoft's website and interfering with an infected PC's ability to access downloadable security-software updates.
The move follows the appearance earlier this week of the original MyDoom which targeted SCO's website.
Sharon Ruckman, senior director for security response at Symantec, said: "We are trying to understand [what the virus' authors are doing], but they are basically trying to stop people from going to security sites."
MyDoom.B, the second version of the virus, is already spreading around the internet, said Ruckman. It includes some changes to the email that carries the virus, including new subject lines and a message that mimics an error from Sendmail software, a common email gateway server.
The virus-laden emails have an attachment that, when opened, installs a program on the victim's computer that opens up a software back door.
Attackers can then bypass the PC's security and turn the infected system into a 'bounce point' for any network-based attack.
Both versions of the virus are also programmed so that infected PCs will send data to the main web server of the SCO Group between 1 February and 12 February. F-Secure has other ways of getting its software updated and so should not be affected by the issue, said Tony Magallanez, systems engineer with the Finnish antivirus company.
"In our software we have ways of circumventing that problem," Magallanez said. "We have multiple ways of updating the program and our software will fail-over to the alternate methods."
Symantec, F-Secure and other antivirus companies are currently analyzing the new mass-mailing virus.
Robert Lemos writes for News.com
Comments
There is 1 comment. Join the discussion
1. Buttons
I think it is a discrace. Only a sick mind could do something like this. If the author is reading this i hope you burn in hell! You low life scum!