The first MyDoom virus appeared in late January and soon earned
itself the title of the "fastest spreading virus ever". Spread by
e-mail, the virus programmed infected computers to launch an attack
on the web site of software company the SCO Group.
MyDoom.B appeared shortly after, targeting Microsoft's web site.
Both Microsoft and SCO have offered rewards of $250,000 each for
information leading to the conviction of the worm's author.
Then, on Monday, came the news that two more versions of the
worm, known respectively as Doomjuice and DeadHat were loose. But
Doomjuice not only tries to launch an attack on the Microsoft web
site from every computer it infects, it also leaves behind a copy
of the original MyDoom source code.
"There is already a $500,000 reward for information leading to
the conviction of MyDoom's author," said Graham Cluley, senior
technology consultant for anti-virus firm Sophos, in a statement.
"If he has spread his code around the net onto innocent computers
in an attempt to hide in the crowd, then he's more sneaky than the
average virus writer."
"The other possibility is that MyDoom's author is spreading the
code to encourage others to write copy-cat viruses which try and
mimic MyDoom's global spread. The need for sensible security
policies and multi-tier virus protection has never been greater,"
continued Cluley.
