
Hackers Target Systems Infected By 'Mydoom'

Now tagged by at least one security firm as "the worst worm in history," Mydoom has created a back door to infected systems that an army of hackers is quickly

In just three days, said F-Secure, Mydoom blew past Sobig to become the worst worm in virus history.

The widespread distribution of Mydoom will likely present problems for SCO and Microsoft -- both of which are targeted by the worm and its Mydoom.b variant, discovered Wednesday, for denial-of-service (DoS) attacks starting Sunday, Feb. 1 -- but the worm may also give average users major heartburn.

That's because Mydoom creates a back door to infected systems by opening numerous ports, which can then be used by attackers to secretly install malicious code, including key loggers or Trojan horses. That malicious code could also allow access to the machine's hard drive, or make it perform other nefarious chores, such as spamming or conducting additional DoS attacks, said Symantec's Chien.

"Hackers are actively looking for open machines to compromise," said Chien, who noted that Symantec's Threat Management System -- a collection of network sensors deployed around the globe -- has seen substantial scanning activity targeting port 3127, one of the ports that Mydoom's back door opens.

"They are targeting the back door on this port, which can allow them to upload new malicious code as well as use the infected system to launch further attacks and forward spam," the Threat Management System reported in an alert. Symantec has seen more than 2,000 unique sources scanning for this port. Mydoom's back door opens TCP ports 3127 through 3198.
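The kind of counting behind a figure like "unique sources scanning for this port" can be reproduced on a network's own perimeter logs. The following is an added example, not code from the article or from Symantec: it tallies sources probing TCP ports 3127 through 3198 and lists internal hosts where such a probe was let through. The `key=value` log layout, the `summarize` function, the `min_targets` threshold and the sample lines (documentation address ranges) are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# TCP port range the article gives for Mydoom's back door (3127-3198 inclusive).
BACKDOOR_PORTS = range(3127, 3199)

# Constructed sample lines in an assumed key=value firewall log layout.
SAMPLE_LOG = """\
2004-01-29T10:00:01 action=deny proto=tcp src=198.51.100.7 dst=192.0.2.10 dport=3127
2004-01-29T10:00:01 action=deny proto=tcp src=198.51.100.7 dst=192.0.2.11 dport=3127
2004-01-29T10:00:02 action=allow proto=tcp src=198.51.100.7 dst=192.0.2.12 dport=3127
2004-01-29T10:03:40 action=deny proto=tcp src=203.0.113.44 dst=192.0.2.10 dport=3198
2004-01-29T10:03:41 action=deny proto=tcp src=203.0.113.44 dst=192.0.2.10 dport=3199
2004-01-29T10:05:00 action=allow proto=tcp src=203.0.113.9 dst=192.0.2.10 dport=80
2004-01-29T10:06:00 action=deny proto=udp src=198.51.100.20 dst=192.0.2.10 dport=3127
"""

LINE_RE = re.compile(
    r"action=(?P<action>\w+) proto=(?P<proto>\w+) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)"
)

def summarize(log_text, min_targets=2):
    """Summarize inbound TCP probes against the back door port range."""
    targets_by_src = defaultdict(set)  # source -> destination hosts it probed
    exposed = set()                    # (host, port) where a probe was allowed
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["proto"] != "tcp":
            continue  # unparsable line or not TCP
        port = int(m["dport"])
        if port not in BACKDOOR_PORTS:
            continue  # outside 3127-3198
        targets_by_src[m["src"]].add(m["dst"])
        if m["action"] == "allow":
            exposed.add((m["dst"], port))
    # A source that touches several hosts on these ports is treated as a scanner.
    scanners = sorted(s for s, t in targets_by_src.items() if len(t) >= min_targets)
    return {
        "unique_sources": len(targets_by_src),
        "scanners": scanners,
        "exposed": sorted(exposed),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Hosts that appear under `exposed` are the ones to check first for an infection, since a probe to the back door range reached them.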
