The viruses are largely alike: they are designed to spread by attaching copies of the program to email messages and download additional features from compromised Web sites. Moreover, they are all difficult to clean from an infected Microsoft Windows-based PC, because they stop the system from connecting to antivirus Web sites to download updates.
The fact that several similar variations of MyDoom have been released in quick succession suggest that a more lethal version may be in the works, said Sam Curry, vice president of product management for Computer Associates International's eTrust software.
"We saw similar behaviour with the Bagle virus -- three or more variants of a virus... were all low, but then they were followed by a high-threat virus," he said. "We are pretty much on alert now through the weekend, and we are recommending that people be careful with email."
The original MyDoom appeared in January. It spread quickly as a malicious attachment carried by spam e-mail. At the time, some antivirus vendors declared the program the worst mass-mailing computer virus to hit Internet users. It is programmed to set off data floods that target Web sites belonging to Microsoft and the SCO Group, a company that has claimed ownership of key technology in the Linux operating system.
Recent versions of the virus have renewed attacks on Microsoft, containing messages that have asked for a job in the security industry.
The inclusion of antiremoval code in the MyDoom offshoots that emerged Friday could be a sign that spammers and others in the Internet underground want to gain control of vast numbers of PCs, said Alfred Huger, senior director of security response at Symantec, an antivirus company.
"I think we are looking at someone looking to do a real-estate grab," he said. "The virus seems to be about getting new hosts and keeping them."
Another plausible theory is that the writer or writers behind the malicious program are tweaking its abilities and testing the result, Huger noted.
"It is entirely likely that (iterative development) is going on or that the source has been released to a new group of people," he said.
That could mean that a bigger Doom is on the way, he said.
In order to post a comment you need to be registered and logged in
Log in or create your ZDNet UK account below
By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Membership FAQ
Apple are currently pushing to get tv content on the iPad by April 3rd. This could possibly be seen as a spoiler for that announcement I suppose....
11 hours ago by John Molloy
Hey - presume you mean something that builds on Apple's existing TV device? Apple have already had a couple of runs at building Apple TV and it's...
17 hours ago by Andrew Donoghue on Google's TV timing may reveal more to come
Google, Sony, Intel may build TV project www.zdnet.co.uk/news/emerging-tech/2010/03/18/google-sony-intel-may-build-tv-project-40088359/
18 hours ago on Twitter by BVE2011
70,0000 to 90,0000 computers? A very small number considering some of these botnets are in the millions, and there are so many of them operating,...
18 hours ago by ator1940 on Microsoft says it decimated Waledac botnet I agree Roger, and why can't they write secure code? What will happen when they find stolen code in windows? They have a track record of...
19 hours ago by ator1940 on Microsoft lashing out at Linux, open source Do you think it will really take days?
19 hours ago by ator1940 on Microsoft previews Internet Explorer 9 with HTML 5 support
Wonder how many days it will take before somebody codes an exploitive hack for IE9?
1 day ago by Xwindowsjunkie on Microsoft previews Internet Explorer 9 with HTML 5 support
There are some really good people in Microsoft and I wonder, how embarassing it must be for them to see how the organisation behaves from it's...
1 day ago by roger andre on Microsoft lashing out at Linux, open source
Great new look for ZDNET UK web-site http://bit.ly/9R5eAA to check it out @ZDNetUK #zdnet
2 days ago on Twitter by ajclarke
Microsoft previews Internet Explorer 9 with HTML 5 support - zdnet.co.uk http://bit.ly/9FSh23
2 days ago on Twitter by feedfrog
We were just pondering on when IE will get HTML5 and CSS3 onboard! this is excellent
2 days ago by kencogold on Microsoft previews Internet Explorer 9 with HTML 5 support
RT @suziedaniels: relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
2 days ago on Twitter by riptari This is brilliant - I borrowed one and straight away saw that a few AP`s were set up to the wrong country. It gives interference levels on each...
2 days ago by Bob Preece on Fluke Networks AirCheck Wi-Fi Tester
http://www.zdnet.co.uk/news/networking/2010/03/11/european-parliament-votes-down-acta-treaty-40085614/ (Where does this leave #Debill?)
2 days ago on Twitter by _SimonArnoldme
relaunched www.zdnet.co.uk raises the bar yet again! its so fast it makes my eyes bleed.
2 days ago on Twitter by suziedaniels
Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
2 days ago on Twitter by eparody
RT @eparody: Redesign complet pour ZDNet UK et AU, Twitter au centre http://www.zdnet.co.uk/ http://www.zdnet.com.au/
2 days ago on Twitter by cdutheil
Sharepoint 2010 in photo's http://www.zdnet.co.uk/reviews/communication-and-collaboration/2010/03/04/sharepoint-2010-screenshots-40070577/
2 days ago on Twitter by gerardvFor multi-store outlets, including retail, banking, grocery, gas, hospitality, convenience stores and others, reducing (or avoiding) the cost of in-store system support and maintenance while maintaining compliance with PCI and other requirements has become a strategic challenge.
Speaker: Dr. Chenxi Wang, Principal Analyst, Security and Risk Management, Forrester Research, Inc. As Enterprises are increasingly connected to the Internet and as hard organizational boundaries are fast disappearing, security professionals are facing fresh challenges in Enterprise computing.
This tutorial is for new MindManager users and teaches you how to get started, by creating maps, reading maps and organizing your information.
