|
||||||||
|
||
Advertisement | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
New Mydoom.B version of computer worm found ( 2004-01-29 09:14) (Agencies)
Internet security experts found a new version of the Mydoom computer worm, dubbed the Mydoom.B, that evades detection measures for the original worm, Finland's F-Secure said.
"The new virus has been modified so that the original Mydoom anti-virus protection does not detect it," said Mikko Hyppoenen, director of computer security firm F-Secure's anti-virus division. "It is in the wild, and computers are getting infected, but so far in less numbers than by the original Mydoom virus," he added. The Mydoom.B worm is designed to attack www.microsoft.com, Microsoft Corp's main website, as well as the website of US-based software vendor SCO, which is the sole target of the original Mydoom worm. In addition, it has a new feature, rendering it impossible for infected computers to access the websites of several anti-virus software firms. "This is a nightmare come true for us .... infected users won't get updates from anybody," Ero Carrera, a virus cracker with F-Secure, said after neutralizing the latest variant. The new worm has already been cracked however, taking F-Secure's experts just 90 minutes and posing far less trouble than the first one, Hyppoenen said. "This was much easier, since we already had cracked and thoroughly analyzed the first version, so it went fast," he noted. Computer users should update their virus protection software immediately, he urged, adding that several anti-virus firms have posted the necessary software free of charge on their websites. To get rid of the virus, users should access the anti-virus firms' web sites from a clean computer and download the necessary files there, then transfer them to the infected computer by floppy disk, he said. The new virus must have been created by the same person or group that authored the first Mydoom worm, as the modifications were made to the original source code, Hyppoenen said. Buried in its programming code -- and only readable after it has been decrypted -- was also the message "Andy; I'm just doing my job, nothing personal, sorry" from the creator, Hyppoenen said. F-Secure Corporation is a leading provider of security for companies' computer systems, including anti-virus software. On Wednesday the original Mydoom worm continued to spread throughout the world, causing over 100 million infected e-mails to be sent. In Europe the percentage of e-mails infected by the Mydoom worm rose from 21 percent Wednesday morning to over 33 percent in the afternoon, Hyppoenen said, citing statistics from several European Internet service providers. Most of those e-mails never reached end-users though, as many companies'
anti-virus protection system intercepted them before they reached their
destinations, he said.
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
.contact us |.about us |
Copyright By chinadaily.com.cn. All rights reserved |