Interesting People mailing list archives
CSN & LNX FLASH: Huge MyDoom Zombie Army Wipes Out SCO
From: Dave Farber <dave () farber net>
Date: Sun, 01 Feb 2004 15:38:05 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Sun, 01 Feb 2004 13:33:31 -0500 From: paperboy () g2news com Subject: CSN & LNX FLASH: Huge MyDoom Zombie Army Wipes Out SCO To: dave () farber net Client Server NEWS & LinuxGram 533.1 NewsFlash Competitive Intelligence about Servers, Storage & Related Phenomena Huge MyDoom Zombie Army Wipes Out SCO Sunday, February 1, 2004 - The first of the hundreds of thousands of MyDoom-infected PCs worldwide started bombarding the SCO Group's web site www.sco.com on what was still Saturday in the US as Australia, New Zealand, Japan, China, Singapore and other Asian countries moved into Sunday February 1, when MyDoom had scheduled the attack on SCO to start. Machines set to the wrong time were also recruited. At 4 am Sunday morning New York time a besieged SCO sent out a message saying that a large-scale Denial of Service attack had overwhelmed its site. Independent experts such as UK-based mi2g confirmed that SCO was paralyzed. According to mi2g,"All legitimate requests to download pages from several cities across the globe were completely timing out as of 20:00 hours GMT" Saturday and "since then there has been no sign of capability to serve web pages or entertain http requests by www.sco.com including all of Sunday." Based on what is known about the virus, SCO said it expected the attacks to continue through February 12. A separate, ostensibly smaller MyDoom.b wave is expected to hit SCO on Tuesday when the virus is also supposed to launch an attack against Microsoft. Jeff Carlon, SCO's unenviable worldwide director of IT infrastructure, promised "a series of contingency plans" that will undoubtedly involve moving the site around to other URLs. In a prepared statement, Carlon said to stand by for SCO to take action on Monday. On Sunday, mi2g was wondering why SCO's senior management had yet to take www.sco.com out of the Domain name server (DNS) system or redirect the http requests elsewhere. Virus experts at the Kaspersky Laboratory in Moscow say the virus started in Russia, according to the Itar-Tass news service. Western experts seem to agree. At a news conference on Friday, Kaspersky said MyDoom's perpetrator or perpetrators appear to retrieve secret information from infected computers that they can sell, Tass said. They can also profit from circulating spam using the address books culled from the infected computers. Mi2g figures MyDoom is now the most destructive virus ever, beating the record set by SoBig. The British virus watcher calculates that MyDoom has done $38.5 billion worth of damage so far in terms of overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades The only good news mi2g has to report is that the number of new MyDoom infections worldwide had slowed down somewhat on Sunday. It said, "Only about 10 of the top 50 web hosts and ISPs in the world are showing any signs of abnormal delay on their networks or periodic failed requests made to their web site at this stage. More alarming, however, is mi2g's conclusion that the perpetrator of MyDoom is a "clever strategist combined with being a sophisticated programmer." Client Server NEWS 2000 is published weekly by G2 Computer Intelligence Inc. http://www.g2news.com 323 Glen Cove Ave.; Sea Cliff, NY 11579, USA; Tel.:516 759-7025 Fax: 516 759-7028. Send press releases to news () g2news com Subscription price per year: $595/£395 individual reader. Corporate Subscription available at quantity discounts. paperboy () g2news com (c) Copyright 2004: While we are flattered that some of our readers may want to pass along copies of our stories to customers, clients, associates, friends, family and co-workers, please know that this practice is illegal, violates our intellectual property rights and undermines our efforts to bring you the kind of reporting you've come to expect. And, so the legalese: It is illegal to reproduce, copy, photocopy, forward, e-mail, publish, broadcast, post on an Internet/Intranet site, rewrite, store in a retrieval system or otherwise distribute this publication or any portion of this publication or any article in whole or in part by any means, mechanical, photocopying, recording or otherwise without the prior written permission of G2 Computer Intelligence. Comments? Subscription? Permission to post to a web site? Reprint info?: e-mail: paperboy () g2news com -------------------- - - - - - - - - - - - - Catch up on all the e-commerce news: www.onlinereporter.com Linux business news is at www.linuxgram.com Client Server News, The Online Reporter and LinuxGram are published weekly by G2 Computer Intelligence Inc. http://www.g2news.com ; 323 Glen Cove Avenue; Sea Cliff, NY 11579 USA; Tel.:516 759-7025 Fax: 516 759-7028. Send press releases to news () g2news com Available at quantity discount to associations, groups, departments and companies. paperboy () g2news com Europe: Simon Thompson simon () g2news com Tel: +44 (0)1280 820560; Fax: +44 (0)1280 820554 (c) Copyright 2004, G2 Computer Intelligence, Inc. Comments? Subscription, permission to post to a web site or reprint info?: e-mail: paperboy () g2news com ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- CSN & LNX FLASH: Huge MyDoom Zombie Army Wipes Out SCO Dave Farber (Feb 01)