This article is more than 1 year old
MyDoom dabs spotted on mega cyberassault
Traces of guilt
An updated version of the MyDoom worm is blamed for ongoing denial of service attack against high-profile US and South Korean websites, according to preliminary analysis.
Korean anti-virus firm AhnLab reckons that cyberattacks against the US Department of the Treasury and Federal Trade Commission (among others) stem from an updated version of malware first associated with denial of service attacks against SCO, and later, Microsoft in 2004. The malware, which normally spreads in infected email attachments, also creates a backdoor on infected Windows PCs.
Analysis of the source code of the latest version of MyDoom contains a hit list of 13 South Korean and 23 US websites, most of which are featured in the current attack, Computerworld reports. That's not conclusive proof of a link but is close to the cyber-equivalent of recovering partial matching footprints from the scene of a crime.
South Korean intelligence officials have said North Korea or North Korean sympathizers are behind the attacks, though so far they have provided no technical evidence supporting their claims. ®