LinuxInsider.com

SCO Sets $250K Bounty for MyDoom Worm Writer



In response to what is being called the fastest-spreading computer virus of all time, SCO Group -- targeted by the MyDoom worm's estimated 3 million infected machines in a planned denial-of-service (DoS) attack scheduled for February 1st -- is offering a US$250,000 reward for information leading to the arrest and conviction of the worm's creators.

Calling the MyDoom outbreak more troubling than previous assaults against his company's Web site, SCO president and CEO Darl McBride pointed out that the worm is affecting a wide range of companies and computer users. SCO's site reportedly has undergone several DoS attacks since the company began its campaign to stake its rights to certain elements of the Linux operating system, which SCO alleges improperly borrowed from its own Unix source code.

"We do not know the origins or reasons for this attack, although we have our suspicions," McBride said in a statement. "This is criminal activity and it must be stopped. To this end, SCO is offering a total of $250,000 reward for information leading to the arrest and conviction of those responsible for this crime."

SCO is not the first company to put a bounty on virus writers' heads. Microsoft (Nasdaq: MSFT) announced a similar reward for the apprehension of those who create and distribute malicious code last November. However, virus fighters tend to view such rewards more as company statements and doubt their effectiveness as weapons in the war against malware.

Statement or Stance

"I don't think it's bad, but I think it's aimed at industry favor as opposed to a real security stance," MessageLabs CTO Mark Sunner told TechNewsWorld. "Obviously, SCO is being singled out and they feel they need to make a bit of a stance, but I think it's more sabre rattling. I don't think it will really unearth anything."

Nevertheless, SCO spokesperson Blake Stowell told TechNewsWorld that the company views the MyDoom worm as a more significant issue than past DoS attacks on its site -- and is therefore offering the reward in addition to working with law enforcement.

"It is more serious because it uses a virus to target our Web site versus just a hacker compromising some servers and compromising SCO's site," Stowell said. "It's a more serious matter not just for SCO, but for others online and potentially millions of computers downloading this virus and doing damage to machines in addition to attacking the SCO site."

While SCO has worked with law enforcement on the previous attacks, Stowell said the company's work with law enforcement on MyDoom marks a new level of significance, as the worm might go down as the biggest outbreak in history.

MyDoom Breaks Records

MessageLabs' Sunner, who reported MyDoom had infected an estimated 3 million machines with a presence in one out of every 12 e-mails worldwide at its peak, told TechNewsWorld that the worm has not slowed down yet.

Sunner said the previous fastest spreader, the SoBig worm, reached a peak infection ratio of one in every 17 e-mails. While he said MyDoom is spreading at a rapid and prolific rate, he also said the worm might not be as problematic as SoBig because it is not generating the number of alerts that SoBig did and therefore is not clogging e-mail servers as badly.

Sunner credited two factors for MyDoom's success: timing and the use of a file-compression technique that allowed it to slip through traditional antivirus measures. The worm also employs an effective social-engineering trick that has duped thousands of users.

"This one is more cunning because it basically operates under the guise of a technical error," he said, referring to MyDoom's strategy to get users to launch the executable unwittingly.

Law Enforcement Involvement

While previous reported attacks on SCO's site have been viewed by opponents of the company's Linux licensing campaign as a publicity play, Stowell told TechNewsWorld that the involvement of law enforcement indicates how real the attacks have been.

"If anyone suggests that, it's simply crazy," Stowell said. "You don't make something like this up inside a company and invite the FBI to investigate. That's ludicrous."

Referring to the ineffectiveness of recent laws and harsh penalties for illegal spamming, Sunner said the worm writer bounties are also unlikely to result in the apprehension of the malicious code authors.

"It's more making a statement rather than anything that will actually yield a result," he said.

