Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

MyDoom worm: the latest weapon in the Linux wars? Sophos comments

  • 28 January, 2004 12:33

<p>28 January 2004</p>
<p>Virus researchers at Sophos are suggesting that the W32/MyDoom-A worm, currently spreading widely across the internet, may have been deliberately constructed as a weapon in the current round of "Linux wars". The worm launches a distributed denial of service attack against the website of SCO, who have recently courted controversy in the Linux community. Such an attack could potentially knock SCO's website off the internet.</p>
<p>In May 2003 US-based SCO claimed that versions of the Linux open source operating system use code owned by SCO. It has begun offering Linux users a licence to protect them against possible legal action. Leading Linux developers such as Linus Torvalds, the inventor of Linux, have denied that Linux source code contains any SCO intellectual property. SCO has also launched legal actions against IBM, Red Hat, and Novell.</p>
<p>"Conflicts between SCO and the open source community have been escalating for some months and it seems the MyDoom worm, which attacks the SCO website, may have been deliberately constructed and unleashed by its author as part of this ongoing wrangle," said Sean Richmond, Sophos's Technical Support Manager for Australia and New Zealand.</p>
<p>Once the MyDoom worm has infected a PC it attempts to spread via mass-emailing and includes a backdoor that turns the computer into a "zombie" which can unwittingly launch the attack against SCO's website between 1 and 12 February.</p>
<p>Sophos offers the following advice:</p>
<p>1. Don't act on web links or attachments sent to you in emails.</p>
<p>2. Block all Windows programs (EXE, DLL, SCR, BAT, PIF, CMD, etc.) files at your email gateway if you can. Because of the associated risks, there is almost no business case for distributing programs by email.</p>
<p>3. Filter outbound email with a product such as Sophos Pure Message or Sophos MailMonitor before it leaves your network. This is good "internet citizenship", because it limits the collateral damage you can do to the internet even if you become infected.</p>
<p>4. Update your anti-virus software regularly and frequently so you can identify the latest threats accurately. Using a product (such as Sophos Enterprise Manager) which can automate updates takes the stress and uncertainty out of the process.</p>
<p>Notes for Editors.</p>
<p>About Sophos.
Sophos is a world leading specialist developer of anti-virus and anti-spam software. Sophos is headquartered in the UK and protects all types of organisations, including small- to medium-sized businesses, large corporations, banks, governments and educational institutions
against viruses and spam. The company is acclaimed for delivering the
highest level of customer satisfaction and protection in the industry. Sophos's products, backed by 24 hour support are sold and supported in more than 150 countries.</p>
<p>Sophos's regional head office for Australia and New Zealand is in Sydney and hosts one of the company's three Computer Virus Research and Development Laboratories to provide global support services.</p>
Sean Richmond ( is available for comment:
+61 2 9409 9161 (tel)
+61 2 9409 9191 (fax)</p>
<p>Sophos's press contact at Gotley Nix Evans is:
Michael Henderson (
+61 2 9957 5555 (tel)
+61 413 054 738 (mobile)
+61 2 9957 5575 (fax)</p>

Most Popular