Computer experts warn of ferocious worm variant

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

A new, fast-spreading version of the Mydoom worm destroys files on computers worldwide as it increases attacks via e-mails, Finnish computer security experts warned Thursday.

The "Mydoom.F" worm, discovered on Feb. 20, has so far infected about 5 percent of all Internet e-mail traffic, said Mikko Hypponen, director of research at a leading antivirus company F-Secure.

"It remained quiet over the weekend and then started to spread fast early this week as e-mail messaging speeded up after the normal weekend lull," Hypponen said. "It's very worrying because it destroys files and important documents, whereas the earlier Mydoom worms used computers simply as vehicles."

Two previous versions of the virus, Mydoom.A and Mydoom.B, were programmed to strike Microsoft Corp.'s Windows operating systems and to launch a worldwide attack on the Web site of SCO, one of the largest UNIX vendors in the world.

They were also set stop spreading on Feb. 12, but F-Secure continues to find them on the Internet, Hypponen said.

"They are still infecting computers because people have not updated their computer clocks," Hypponen told The Associated Press. "Many users don't pay any attention to the time on their computers, which could be set to the 1980s or 1990s."

The new version was likely not created by the makers of the previous versions of Mydoom, he said.

Mydoom.A is still the most active virus on the Internet, infecting some 7 percent of all e-mails, Hypponen said. Launched on Jan. 26, it hit more than half of all e-mails worldwide at its peak.

F-Secure, a Helsinki-based company, was one of the first to warn of the dangers of the e-mail Mydoom worm, also known as "Novarg." The company also warned of "Netsky.C" virus - otherwise known as "Moodown.C" - that was discovered on Wednesday and spreads itself in e-mails inside a zip file or as an executable attachment.

Last month, Microsoft promised US$250,000 to anyone who helps find and prosecute the creator of the fast-spreading Mydoom virus. The reward is the third announced so far under a US$5 million program Microsoft launched in November to help U.S. authorities catch authors of damaging viruses and worms aimed at consumers of the company's software.