Experts say 'zombie' PC viruses could be used to extort money as 'MyDoom' strikes

Click to follow
The Independent Online

The "MyDoom" virus could presage a generation of computer attacks by organised gangs aiming to extract ransoms from online businesses, experts said yesterday.

The "MyDoom" virus could presage a generation of computer attacks by organised gangs aiming to extract ransoms from online businesses, experts said yesterday.

The warning came as the website run by SCO, a company that sells Unix computer software, in effect disappeared from the web under a blizzard of automated attacks from PCs infected by the virus, which first appeared a week ago.

The "MyDoom-A" version of the virus is reckoned to be the worst to have hit the internet, in terms of the speed of its spread, with millions of PCs worldwidebelieved to be infected. Such "zombie" machines begin to send out hundreds of copies of the virus every hour to almost any e-mail address in their files.

On Sunday they began sending automated queries to SCO's website, an attack that will continue until 12 February. The attack is the web equivalent of ringing the company's doorbell and running away a million times a second, leaving its computers unable to deal with standard requests to view its pages.

"You have to wonder about the time limit," said Graham Cluley, senior technology consultant at the antivirus company Sophos. "Someone could go to SCO after the 12th and say, 'If you don't want this to happen again, here are our demands'.'' Raimund Genes, European president of the security software firm Trend Micro, said: "Such a programme could take out any major website on the internet. It's not terrorism, but it is somebody who is obviously upset with SCO."

SCO has earned the enmity of computer users through a lawsuit it has filed against IBM. SCO claims ownership of computer code it says IBM put into the free operating system Linux, and is demanding licence fees and damages of $1bn.

Mr Cluley said: "It might be that whoever is behind this will say to SCO, 'if you don't want the next one to target you, drop the lawsuit'." SCO has offered $250,000 (£140,000) for information leading to the arrest of the person or people who wrote and distributed MyDoom.

Neil Barrett, of the security company Information Risk Management, said: "I would give a lot of credence to the idea of gangs using viruses to extort money. It's hard for law enforcement to track them down, because they're using machines owned by innocent people. "

A second variant of MyDoom will start attacking part of Microsoft's website later today. The antivirus company MessageLabs said it had blocked more than 16 million copies of the virus in transit over the net so far. But millions more will have reached their targets.

Comments