As pre-programmed, MyDoom.A took out SCO Group's Website February 1, smothering the site with a tidal wave of data in a massive denial-of-service attack, with Microsoft Corp. bracing for MyDoom.B's similarly pre-programmed assault upon its Web presence.
"Internet traffic began building momentum on Saturday evening and, by midnight Eastern Time, the SCO Website was flooded with requests beyond its capacity," said an SCO company statement, adding that it expects the attack to persist while it takes measures to deal with it.
"This is the biggest single (denial of service) attack ever," said F-Secure antivirus research director Mikko Hypponen in a statement on that security company's own Website. "We estimate the total amount of infected computers to be over one million. Of those, only the computers that have been rebooted (or infected) today are actually attacking."
MyDoom.A appeared in cyberspace January 26 and quickly became the fastest-spreading worm in Internet history, with MyDoom.B appearing two days later. First believed to have set a similar February 1 attack launch date, MyDoom.B has not yet begun hitting Microsoft Windows, though several reports say experts think that round of attacks could begin February 3.
As the SCO attacks launched in earnest, Reuters said various security experts were surprised by the speed and the severity of the actual attack, though no outages or slowdowns elsewhere in cyberspace were reported because of MyDoom. But antivirus and computer security companies like Network Associates continued warning that the main threat remains to unsuspecting MyDoom recipients.
"At this particular point people shouldn't lose sight of the fact that the virus is still spreading," said antivirus emergency response vice president Vincent Gullotto to Reuters.
SCO has become something of a target ever since it claimed copyright control over critical pieces of the technology that's used to compose and run the Linux operating system. While SCO has in the past accused Linux programmers or supporters of instigating previous denial-of-service attacks against the company's Internet properties, SCO has been careful not to make similar accusations since MyDoom appeared. Both SCO and Microsoft have offered $250,000 bounties for information leading to the arrest and conviction of MyDoom's creator(s).
The SCO attacks have been programmed to continue until February 12. "It will only get worse for SCO as time goes on," Hypponen said in the F-Secure update.
Microsoft may be bracing for MyDoom.B's planned attackes, but Symantec, the makers of Norton Antivirus, said MyDoom.B wasn't likely to wreak as deep a round of havoc as MyDoom.A because the B variant simply had not spread as widely as the first one did, according to senior director Vincent Weafer. "Really," he told reporters, "we are seeing very little of the B variant."
