Welcome!

Linux Containers Authors: Zakia Bouachraoui, Elizabeth White, Liz McMillan, Pat Romanski, Stefana Muller

Related Topics: Linux Containers, Java IoT

Linux Containers: Article

MyDoom Comes From Russia With Hate, Moscow Times Confirms

MyDoom breaks previous record set by the Sobig worm, which infected 1 in every 21 messages at its peak last summer.

LinuxWorld here brings you the article verbatim. The headline is in the original Moscow Times version:

Rampant E-Mail Virus Traced to Russia

Friday, Jan. 30, 2004

By Simon Ostrovsky Staff Writer

"MyDoom, the fastest-proliferating computer virus ever, has been traced to Russia.

Using location-sensing software, Kaspersky Labs has traced the first e-mails infected with MyDoom back to addresses with Russian Internet providers.

"It's scary, but most serious viruses are written in Russia," said Denis Zenkov, spokesman for Kaspersky, the country's largest anti-virus software company.

Ever since it first appeared Monday night, the virus has managed to latch onto every 12th e-mail sent, slowing down Internet traffic around the world.

"This virus can only be compared to chemical warfare, an indiscriminate weapon of mass destruction," said Mikhail Yakushev, a legal adviser for Microsoft in Russia.

MyDoom breaks a previous record set by the Sobig worm, which infected one in every 21 messages at its peak last summer.

Most disturbing is that the virus gives its creators -- or anyone who cracks the virus's code -- the power to take control of an infected PC.

The virus has already infected 600,000 to 700,000 computers around the globe, Kaspersky Labs estimates.

And it has caused some $2 billion in losses worldwide, according to Computer Economics, an Internet monitoring company.

Thirteen percent of infected computers are in the United States, compared to a figure of under 1 percent for Russia, according to Kaspersky Labs.

"Russia usually does better fighting e-mail viruses than the United States because systems administrators are generally more competent here and install protection quicker," Zenkov said.

Russia might be better prepared, but then it is often the source of server-stomping viruses, as in the case of MyDoom.

"We don't understand why, because usually programmers write viruses during an economic downturn when there is no work and nothing else to do," Zenkov said. "Right now there is plenty of work for Russian programmers."

The cause of damage is not primarily the virus's ability to take control of an infected computer and change information stored on the hard drive.

Instead, the virus wreaks havoc by sending itself to all the addresses stored inside an infected PC, exponentially increasing e-mail traffic and overloading web servers.

MyDoom spreads as an attachment to e-mails or as a file on the KaZaA file sharing system. It uses a multitude of file names, subject lines and file extensions, making it difficult to notice.

When the infected attachment is opened, the virus automatically installs files in the computer's system, making it possible to use the computer as a proxy server for sending out future versions of the file and to take control of the computer itself.

"If the virus's creators don't send out an updated version of the virus it will be under control in the next few days," Zenkov said.

MyDoom is not the only virus traced to Russia. Dumaru and Mimail have also betrayed Russian origins.

But MyDoom has been the most problematic. One Utah-based software company, SCO, has gone so far as to offer $250,000 for any information leading to the arrest of the virus programmers.

SCO's web address is specifically targeted by MyDoom. The virus is encoded to bombard SCO's web site with requests every 50 milliseconds starting Feb. 1. Such a huge volume of requests is almost certain to crash the company's server, causing huge financial losses.

SCO has branded MyDoom as "criminal activity that must be stopped." In a statement on the company's web site, president and CEO Darl McBride said "we have our suspicions" as to the perpetrators. He did not elaborate.

SCO is one of the most ardent opponents of the open source code movement, which calls for software companies to make their programming code available to the public.

If convicted of creating or distributing harmful computer programs, hackers face up to seven years imprisonment under Russian law, according to Microsoft's Yakushev. The Federal Security Service said it was not able to confirm immediately if a criminal investigation had been opened into the MyDoom case.

If it has, the FSB shouldn't look for some teen computer whiz. "Its creators are skilled professionals," Zenkov said."

More Stories By Linux News Desk

SYS-CON's Linux News Desk gathers stories, analysis, and information from around the Linux world and synthesizes them into an easy to digest format for IT/IS managers and other business decision-makers.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


IoT & Smart Cities Stories
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...
Rafay enables developers to automate the distribution, operations, cross-region scaling and lifecycle management of containerized microservices across public and private clouds, and service provider networks. Rafay's platform is built around foundational elements that together deliver an optimal abstraction layer across disparate infrastructure, making it easy for developers to scale and operate applications across any number of locations or regions. Consumed as a service, Rafay's platform elimi...
Two weeks ago (November 3-5), I attended the Cloud Expo Silicon Valley as a speaker, where I presented on the security and privacy due diligence requirements for cloud solutions. Cloud security is a topical issue for every CIO, CISO, and technology buyer. Decision-makers are always looking for insights on how to mitigate the security risks of implementing and using cloud solutions. Based on the presentation topics covered at the conference, as well as the general discussions heard between sessio...
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Day 2 Keynote at 17th Cloud Expo, Sandy Ca...
New competitors, disruptive technologies, and growing expectations are pushing every business to both adopt and deliver new digital services. This ‘Digital Transformation’ demands rapid delivery and continuous iteration of new competitive services via multiple channels, which in turn demands new service delivery techniques – including DevOps. In this power panel at @DevOpsSummit 20th Cloud Expo, moderated by DevOps Conference Co-Chair Andi Mann, panelists examined how DevOps helps to meet the de...
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...