“A mass-mailing virus quickly spread through the Internet on Monday, compromising computers so that they attack the SCO Group’s Web server with a flood of data on Feb. 1, according to antivirus companies,” Robert Lemos reports for CNET News.com.
“The virus–known as MyDoom, Novarg and as a variant of the Mimail virus by different antivirus companies–arrives in an in-box with one of several different random subject lines, such as ‘Mail Delivery System,’ ‘Test’ or ‘Mail Transaction Failed.’ The body of the e-mail contains an executable file and a statement such as: ‘The message contains Unicode characters and has been sent as a binary attachment,'” Lemos reports.
“‘It’s huge,’ said Vincent Gullotto, vice president of security software maker Network Associates’ antivirus emergency response team. ‘We have it as a high-risk outbreak.’ In one hour, Network Associates itself received 19,500 e-mails bearing the virus from 3,400 unique Internet addresses, Gullotto said. One large telecommunications company has already shut down its e-mail gateway to stop the virus,” Lemos reports.
“Once the virus infects a Windows-running PC, it installs a program that allows the computer to be controlled remotely. The program primes the PC to send data to the SCO Group’s Web server, starting Feb. 1, a virus researcher said on the condition of anonymity. The SCO Group has incurred the wrath of the Linux community for its claims that important pieces of the open-source operating system are covered by SCO’s Unix copyrights. IBM, Novell and other Linux backers strongly dispute the claims,” Lemos reports.
“The virus installs a Windows program that opens up a ‘back door’ in the system, allowing an attacker to upload additional programs onto the compromised device. The back door also enables an intruder to route his connection through the infected computer to hide the source of an attack,” Lemos reports.
Computers running Apple’s Macintosh and Mac OS X operating systems are unaffected.
Full article here.