Is Virus the Work of Linux Lovers?
A new computer virus proved Tuesday to be one of the fastest variants of the modern annoyance -- and one of the most finicky.
The rogue program, whose monikers include MyDoom and Novarg, tells machines to attack the website of SCO Group Inc., a software firm reviled by many techies for its legal assault on the free operating system Linux.
But MyDoom’s author displays even more discriminating taste by telling machines to steer clear of e-mail addresses belonging to the U.S. military or the federal government, perhaps, some surmise, to avoid prosecution under the USA Patriot Act.
MyDoom plays other favorites. It protects UC Berkeley and other institutions of higher learning, the beloved search engine company Google Inc., antivirus software maker Symantec Corp. and software behemoth Microsoft Corp., a veteran of several virus attacks.
“I can’t explain it,” said systems engineer Tony Magallanez of F-Secure Inc. in Finland.
Antivirus programs stopped MyDoom soon after it began spreading, primarily by e-mail, on Monday, but the virus knocked out 200,000 to 300,000 machines more quickly than any of its predecessors, experts said.
The virus infects machines running most versions of the Windows operating system made by Microsoft, which pledged Tuesday to keep security spending the top priority in its $6.8-billion annual research and development budget.
Once it installs itself, MyDoom creates a back door to its host computer that can be used by the author, other hackers or senders of unsolicited commercial e-mail, known as spam.
Although the program doesn’t break much technical ground, it uses jargon to effectively mimic the look of a harmless returned e-mail. It can also spread itself through the Kazaa file-trading service, which claims more than 100 million users.
Lindon, Utah-based SCO took the assault personally. The MyDoom code orders an attack aimed at shutting down its website starting Feb. 1. Spokesman Blake Stowell said SCO’s main website was knocked offline briefly Tuesday, perhaps by infected computers that didn’t know what day it was.
SCO, which is threatening to sue major Linux users on copyright grounds, has been the target of three previous attacks.
“We have our suspicions” that a Linux enthusiast is to blame for MyDoom, Stowell said.
But Eric Raymond, a leader of the Linux movement, said SCO’s suspicions were misplaced. “If one of our guys had written it,” he said, “the thing would be much harder to track and much more devastating.”
