IDG News Service - Computer security experts remembered the MyDoom e-mail worm yesterday, one year after it tore through the Internet, deluged e-mail systems with infected messages and set records for infecting vulnerable computer systems.
The new worm caused headaches for network administrators, downed The SCO Group Inc.'s Web site and spawned a short-lived three-way war of words between virus authors. But the MyDoom outbreak is being recalled one year later as an event that signaled the end of the amateur virus writers and the clear emergence of sophisticated, new virus authors with criminal ties and a hunger for illicit profit from spam and online extortion.
MyDoom.A, the first version of the worm, appeared Jan. 26, 2004, and quickly began spreading across the Internet. At the height of the MyDoom outbreak on Jan. 26 and Jan. 27, 2004, the worm was found in one of every 12 messages intercepted by e-mail security vendor MessageLabs Ltd. The company stopped 1.2 million MyDoom messages in the first 24 hours after it was identified, MessageLabs said.
"It was one of worst viruses ever," said Graham Cluley, senior technology consultant at antivirus company Sophos PLC.
MyDoom was a bad virus even on the heels of a year of bad viruses, including Blaster and Sobig, which ravaged computers worldwide five months before, in August 2003, he said.
However, MyDoom was notable for what it left in its wake, rather than the ferocity with which it spread, according to Alex Shipp, a senior antivirus technologist at MessageLabs.
In particular, MyDoom installed a Trojan horse program on machines it infected, which were used to launch a denial of service (DOS) attack against SCO's Web site, beginning on Feb. 1, 2004. At the time, Network Associates Inc., now McAfee Inc., estimated that between 25,000 and 50,000 computers took part in the attack against www.sco.com.
That network of thousands of MyDoom-infected machines became a valuable resource for the underground community because they could be used in future DOS attacks, or to distribute future MyDoom variants and spam, experts said.
"MyDoom marked the moment at which virus writing went commercial," said Shipp.
The success of MyDoom's network of zombie machines helped catch the attention of online criminals, who realized that there was money to be made from controlling virus-infected machines, according to Shipp and others.
The networks created by MyDoom and similar worms, such as Sobig, have led to a huge increase in the amount of spam, which is forwarded through the networks of infected systems. Online extortion, carried out by zombie networks against Web sites that don't pay protection money, has also become
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts