Two new worms were found this past Monday, both of which seek to exploit Windows-based PCs that have already been infected by the original MyDoom e-mail virus.
Like the weakened MyDoom.B e-mail virus variant, however, both of the new worms are categorized as low-risk by security researchers, who note that few users have actually been compromised.
Unlike MyDoom.A and MyDoom.B, the new attacks don't spread via e-mail attachment but rather prowl the Internet looking for MyDoom-compromised computers that haven't yet been inoculated.
The first worm, dubbed Doomjuice, attempts to seize infected computers for a Distributed Denial of Service (DDoS) attack on Microsoft's Web site.
The second worm, called Deadhat, removes the MyDoom virus and waits for further instructions, presumably from yet another worm; Deadhat got its start on the Soulseek file-sharing system.
The Web site of SCO, a small software maker based in Utah, has been shut down for more than a week after being hit by MyDoom. SCO has drawn the ire of advocates of Linux, the freely available operating system, for claiming to own the copyright on some parts of Linux and demanding licensing fees from users.
Both companies have also set up alternate Web sites at https://information.microsoft.com and http://www.thescogroup.com and are each offering a $250,000 bounty for information leading to the capture of MyDoom's author.
Update your Security Software...