Most Read Technology Reporter For More Than Two Decades

Maureen O'Gara

Subscribe to Maureen O'Gara: eMailAlertsEmail Alerts
Get Maureen O'Gara: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Huge MyDoom Zombie Army Wipes Out SCO

Huge MyDoom Zombie Army Wipes Out SCO

[Sunday, February 1, 2004 - MyDoom-infected PCs worldwide were scheduled to attack SCO starting today, but machines set to the wrong time were also recruited. Here Maureen O'Gara reports on what has happened so far today.]

At 4 am Sunday morning New York time a besieged SCO sent out a message saying that a large-scale Denial of Service attack had overwhelmed its site. Independent experts such as UK-based mi2g confirmed that SCO was paralyzed.

According to mi2g,"All legitimate requests to download pages from several cities across the globe were completely timing out as of 20:00 hours GMT" Saturday and "since then there has been no sign of capability to serve web pages or entertain http requests by including all of Sunday."

Based on what is known about the virus, SCO said it expected the attacks to continue through February 12. A separate, ostensibly smaller MyDoom.b wave is expected to hit SCO on Tuesday when the virus is also supposed to launch an attack against Microsoft.

Jeff Carlon, SCO's unenviable worldwide director of IT infrastructure, promised "a series of contingency plans" that will undoubtedly involve moving the site around to other URLs.

In a prepared statement, Carlon said to stand by for SCO to take action on Monday. On Sunday, mi2g was wondering why SCO's senior management had yet to take out of the Domain name server (DNS) system or redirect the http requests elsewhere.

Virus experts at the Kaspersky Laboratory in Moscow say the virus started in Russia, according to the Itar-Tass news service. Western experts seem to agree.

At a news conference on Friday, Kaspersky said MyDoom's perpetrator or perpetrators appear to retrieve secret information from infected computers that they can sell, Tass said. They can also profit from circulating spam using the address books culled from the infected computers.

Mi2g figures MyDoom is now the most destructive virus ever, beating the record set by SoBig. The British virus watcher calculates that MyDoom has done $38.5 billion worth of damage so far in terms of overtime payments, contingency outsourcing, loss of business, bandwidth clogging, productivity erosion, management time reallocation, cost of recovery and software upgrades

The only good news mi2g has to report is that the number of new MyDoom infections worldwide had slowed down somewhat on Sunday. It said, "Only about 10 of the top 50 web hosts and ISPs in the world are showing any signs of abnormal delay on their networks or periodic failed requests made to their web site at this stage.

More alarming, however, is mi2g's conclusion that the perpetrator of MyDoom is a "clever strategist combined with being a sophisticated programmer."

More Stories By Maureen O'Gara

Maureen O'Gara the most read technology reporter for the past 20 years, is the Cloud Computing and Virtualization News Desk editor of SYS-CON Media. She is the publisher of famous "Billygrams" and the editor-in-chief of "Client/Server News" for more than a decade. One of the most respected technology reporters in the business, Maureen can be reached by email at maureen(at) or paperboy(at), and by phone at 516 759-7025. Twitter: @MaureenOGara

Comments (5) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Most Recent Comments
Adipex 03/21/04 12:43:08 PM EST

probably the most annoying virus ever huh

Tyler Jensen 02/12/04 06:41:54 PM EST

An interesting comparison was drawn by a previous post to LOTR and the assumption of a contract between the film maker and Tolkien Enterprises and an ill formed intimation that the proper forum for SCO's lawsuit would be a state court. Give me a break! First, the LOTR film rights were purchased outright in 1969 from Tolkien for a reported 12,000 pounds. New Line purchased those rights from the original purchaser, not from Tolkien Enterprises, but you'll be glad to learn that New Line is currently seeking to purchase the film rights to The Hobbit. Second, the issue of jurisdiction is a non-starter. The forum for SCO's lawsuit was and is clearly the Federal court system. Third, I agree wholeheartedly with the author of this article that mi2g's conclusion is alarming. To describe the cyber-terrorist that wrote MyDoom as a "clever strategist" and "sophisticated programmer" may be truthful, but such praise for a low-life criminal virus writer borders on sycophantic irresponsibility.

Daniel Wallace 02/06/04 02:15:55 PM EST

"New Line Cinema obtained a license from Tolkien Enterprises (not the same as the Tolkien Estate) to make a derivative work based on the _Lord of the Rings_."

You bet they did. Only the "license" was not a "unilateral
permission". It was a "contract" just like I stated. Any
enforcement of that contract would fall under state law.
I'll bet it's a valid contract too.

Russ 02/03/04 11:03:59 AM EST

>> More alarming, however, is mi2g's conclusion that the perpetrator of MyDoom is a "clever strategist combined with being a sophisticated programmer."

Nice concluding paragraph guys. Who writes this stuff?

Jon E Cash 02/03/04 08:24:08 AM EST

Let another attempt by SCO to try and discredit the open
source movement. It is probably one of their employees
who have perpetrated this on the world.