Logo
  Friday, July 19, 2019
Sign-In  |  Sign-Up  |  Contact Us  |  Bookmark 

Two new electronic worms emerged Monday, both of which seek to exploit Windows-based PCs that have already been infected by the original MyDoom email virus
Like the weakened MyDoom.B email virus variant, however, both of the new worms are categorized as low-risk by security researchers, who note that few users have actually been compromised. And unlike MyDoom.A and MyDoom.B, the new attacks don't spread via email attachment but rather prowl the Internet looking for MyDoom-compromised computers that haven't yet been inoculated. The first worm, dubbed Doomjuice, attempts to seize infected computers for a Distributed Denial of Service (DDoS) attack on Microsoft's Web site. The second worm, called Deadhat, removes the MyDoom virus and waits for further instructions, presumably from yet another worm; Deadhat got its start on the Soulseek file-sharing system. The antivirus experts at Network Associates note that while Doomjuice has had a bit of success, largely because some people didn't realize they were infected with MyDoom, neither worm is expected to make much of an impact. On the other hand, Doomjuice and Deadhat prove that previous thinking on electronic attack flare-ups might be out-of-date. "Computer users cannot treat the risk from malware as an episodic situation based on a specific virus event," said Ian Hameroff, a security strategist at Computer Associates. "Instead, they need to treat the cause, be it social engineering or outdated virus definition updates, not an individual flare-up." Microsoft denied reports that Deadhat was responsible for intermittent problems on its Web site Monday, informs Winnetmag According to The Australian unlike its predecessors, the variants do not flood the email boxes of infected PCs with unwanted spam. Instead, the worms take advantage of a so-called backdoor program installed on machines infected with MyDoom.A and MyDoom.B. "It is virtually a case of a virus attacking a virus," said AusCERT computer security analyst Joel Hatton. The effects of one variant, the Deadhat or Vesser worm, is unknown. The worm seeks out infected MyDoom computers and replaces the virus, leaving the computer vulnerable to further attacks. "It could become a stepping-off point for another attack," Mr Hatton said. "There actually aren't a huge number of users hit at the moment", according to Conor Flynn, technical director of Dublin-based Rits Information Security. "Although the antivirus companies are sending out alerts, none have gone to critical stage yet with these worms. They are nowhere near as virulent as the original MyDoom variants." "What we're concerned about is the potentially huge amount of bandwidth that will be used if Deadhat and Doomjuice start taking a foothold. The potential cost to the user lies in the fact that they use up bandwidth and keep telephone lines open all the time. Denial of service attacks also makes it hard to download updates," said Flynn. "There are a number of free personal firewalls such as Tiny that are suitable for home use. People should automatically download antivirus updates just like they automatically wear a seatbelt in car," advised Flynn, reports ENN
Print Two new electronic worms emerged Monday, both of which seek to exploit Windows-based PCs that have already been infected by the original MyDoom email virus Bookmark Two new electronic worms emerged Monday, both of which seek to exploit Windows-based PCs that have already been infected by the original MyDoom email virus

Related News   
JanFebruary 2004Mar
MoTuWeThFrSaSu
2627282930311
2345678
9101112131415
16171819202122
23242526272829
1234567