Members
  • Total Members: 12811
  • Latest: nodrog
Stats
  • Total Posts: 28507
  • Total Topics: 8238
  • Online Today: 852
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Updated MyDoom Virus Responsible for DDOS Attacks, Says AhnLab  (Read 1774 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


An updated version of the MyDoom virus is responsible for a large DDOS (distributed denial of service) attack that took down major U.S. Web sites over the weekend and South Korean Web sites on Wednesday, according to Korean computer security company AhnLab.

When it was discovered in January 2004, MyDoom quickly became the fastest-spreading e-mail worm in Internet history: http://www.viruslist.com/viruses/encyclopedia?virusid=57410
Once a PC was infected with MyDoom, it would harvest e-mail addresses and e-mails itself out repeatedly. Early variants MyDoom were coded to conduct DDOS attacks against other Web sites within certain time periods.

The latest MyDoom variants seen by AhnLab also include a downloader that can bring other malicious code into the compromised PC, a feature also present in earlier versions of the malware. An additional file contains details of Web site to be attacked.

It lists 13 South Korean Web sites and 23 U.S. sites, according to a Korean blogger who analyzed the source code. Most of the sites on the list are those reported to have been attacked or are still under attack.

While U.S. sites experienced problems over the weekend, in South Korea the trouble began on Tuesday night. Throughout most of Wednesday many of the Web sites, which include several high-profile properties, were unavailable.

As of 6 p.m. local time (9 a.m. GMT) government sites inaccessible are the presidential Web site, the National Assembly and those of the Foreign Affairs and National Defense ministries. Also offline are the Grand National Party, U.S. Forces Korea and the electronic banking sites of Korea Exchange Bank, Shinhan Bank and NongHyup Bank.

Shortly before 6 p.m. two major commercial sites that had been unavailable for most of the day, the Chosun Ilbo national daily and Internet Auction, reappeared. Only two of the 13 Korean sites listed had been available for most of the day: the e-mail and blog sites of major portal Naver.

AhnLab said the code has been written so its possible for the attackers to change the list of sites targeted.

(PCW)

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising