Wednesday, January 28, 2004

Chicago Tribune | Computer users worldwide fall victim to worm:
"A rapidly spreading worm has infected personal computers worldwide, clogging e-mail traffic at an unprecedented pace.

Known as MyDoom, the worm is sent as an attachment and is contained in about one of every 12 e-mails sent, according to one security firm. Other experts said the message accounts for one in nine sent globally."

That volume makes MyDoom the most prolific worm or virus ever, according to security firm MessageLabs, surpassing last year's SoBig virus. SoBig was detected on one out of every 17 e-mails.

The worm propagates through cleverly written e-mail, Internet security analysts say. When opened, the worm replicates itself on e-mail addresses it finds and is sent on to new potential victims.

The worm doesn't exploit any flaws in the Windows operating system, but once inside a computer it releases a virus that allows the attackers to gain access and use the computer to launch an attack.…

The worm and its variant strains all have the same target: software firm SCO Group, of Lindon, Utah.

Infected computers are set to swamp SCO's Web site beginning Sunday in what is known as a denial-of-service attack. A successful denial-of-service attack causes a Web site to become inaccessible, effectively shutting it down. The attack is scheduled to start Sunday and continue until Feb. 12.

SCO owns the Unix computer operating system and maintains that Linux, a popular free operating system, infringes on its copyright by incorporating Unix features. SCO has gone to court to assert its ownership rights, angering some computer hackers who see Linux as an alternative to Microsoft's Windows.…

"This is a pretty darned sophisticated worm," said David Perry, global education director for Trend Micro, a computer security company. "It is very well socially engineered."

Social engineering is a way of saying the worm is adept at getting users to open e-mail and activate the program.

The worm was first noticed Monday on the computer networks of major corporations, Perry said. That means the person who created MyDoom knows that corporate users can have hundreds or thousands of e-mail addresses on their computers, while home users typically have far fewer.

"If a corporate desktop gets infected, it can send out 5,000 or 6,000 e-mails in a tenth of a second," Perry said. He said that hundreds of thousands of computers have since become infected, in part because of MyDoom's rapid reproduction.

Many people know not to open suspicious e-mail or to click on e-mail attachments from strangers. But MyDoom "spoofs" its recipients by sometimes using the return e-mail address of an individual known to the target.

And the e-mail's message can be deceptive.

The subject line in some e-mails reads "Mail Transaction Failed," and the message includes "Partial message is available" and an icon to click.

Perry said such e-mail is a lot more likely to be opened than a typical spam message.

http://www.chicagotribune.com/technology/chi-0401280318jan28,1,1664606.story?coll=chi-newsnationworld-hed
