MyDoom, one of the fastest-spreading internet worms ever produced, hit its target yesterday and shut down the American software company SCO’s website by flooding it with millions of requests.
Security experts believe a row about software ownership may be behind the attack on the SCO Group, which was unable to defend its website despite knowing the attack was on its way.
SCO has made itself unpopular by claiming that its intellectual property had been illegally included in Linux, an open source operating system, which means that its source code is freely available to everyone. Many programmers hate the idea of people trying to own it.
MyDoom generates as many as one in nine of all the messages being sent globally. It may have affected more than a million PCs.
It first appeared on Monday and in most cases seems to a message delivery failure notice. The worm is activated when the user opens an attached file.
It forwards itself not only to all the addresses in the e-mail system but to any address it finds on the computer’s hard drive, such as those on websites which have been cached.
It also ”spoofs” e-mail addresses — pretending to come from a different user — so that recipients cannot tell who is infected.
It then causes the infected computer to launch a ”denial of service” attack on SCO’s website by requesting it every 50 milliseconds. SCO admitted on Sunday that its servers had been unable to cope.
”The companies which are usually attacked are either anti-virus, anti-spam or Microsoft,” said Graham Cluley, senior technology consultant at the software security firm Sophos.
”You have to ask why SCO have been targeted and there’s been controversy around them … because of the debate about who owns Linux. It’s made a lot of people very angry.”
Most writers on open source discussion sites condemned the virus writer on Sunday, and Bruce Perens, a leading open-source programmer, issued a statement suggesting that spammers had launched the virus to smear the open source community, which has created anti-spam technology.
He pointed out that spammers often used denial of service attacks to shut down opponents’ websites.
Microsoft is the target of a variant, MyDoom.B, which will begin denial of service attacks tomorrow, but is unlikely to be as badly affected as SCO. – Guardian Unlimited Â