Feb 12, 2004 : MyDoom Continues to Exploit Backdoor
📅 - The MyDoom virus is programmed to stop spreading today, but machines infected by the virus remain susceptible, warns the mi2g Intelligence Unit, a digital risk firm. According to mi2g, the vulnerability exists because of a backdoor opened by the origianl variant of the virus that has no time limit and stays open until the infected machine is cleaned. This backdoor, accessible via port TCP 3127, leaves infected machines vulnerable to other MyDoom variants and hackers looking for infected machines.
Several reports estimate that MyDoom-infected machines number in the hundreds of thousands.
According to a mi2g report published today, a fourth variant, MyDoom.d, has emerged. The new variant is programmed to launch a distributed denial of service attack (DDoS) against Microsoft and, like the MyDoom.C variant discovered earlier this week, uses the open backdoor in infected machines to propogate itself.
According to mi2g, the new variant differs from MyDoom.c in that it is programmed to launch a continuous DDoS attack against Microsoft in every month except January on all days except between the 8th and 12th of the month, whereas MyDoom.c is set to launch a single DDoS attack up to the 12th of each month. According to research and analysis firm Netcraft (netcraft.com), MyDoom.d is also more difficult to detect, using random HTTP headers to make it more difficult to filter the attack traffic.
The MyDoom virus has launched DDoS attacks against the Web sites of The SCO Group and Microsoft, favorite targets of the open source community.
At last count, the MyDoom virus had caused $43.9 billion dollars in economic damage in 215 countries worldwide.
Several reports estimate that MyDoom-infected machines number in the hundreds of thousands.
According to a mi2g report published today, a fourth variant, MyDoom.d, has emerged. The new variant is programmed to launch a distributed denial of service attack (DDoS) against Microsoft and, like the MyDoom.C variant discovered earlier this week, uses the open backdoor in infected machines to propogate itself.
According to mi2g, the new variant differs from MyDoom.c in that it is programmed to launch a continuous DDoS attack against Microsoft in every month except January on all days except between the 8th and 12th of the month, whereas MyDoom.c is set to launch a single DDoS attack up to the 12th of each month. According to research and analysis firm Netcraft (netcraft.com), MyDoom.d is also more difficult to detect, using random HTTP headers to make it more difficult to filter the attack traffic.
The MyDoom virus has launched DDoS attacks against the Web sites of The SCO Group and Microsoft, favorite targets of the open source community.
At last count, the MyDoom virus had caused $43.9 billion dollars in economic damage in 215 countries worldwide.
Reads: 2125 | Category: General | Source: TheWHIR : Web Host Industry Reviews
URL source: http://www.thewhir.com/marketwatch/myd021204.cfm
Want to add a website news or press release ? Just do it, it's free! Use add web hosting news!
📅 - 
📅 -