Well that didn’t take long. According to the Computer World website a London based security vendor name Mi2g Ltd. is reporting a new variant of the MyDoom virus has been identified. This one not only targets Microsoft’s website instead of SCO’s, but it supposedly modifies your system to block access to sites with info on how to get rid of it.
Dunham said the Mydoom.b worm modifies the standard hosts file in a Windows folder that can block access to 65 Web sites, most of which are antivirus Web sites, in an apparent attempt to block users from downloading antivirus solutions and data.
“This new variant of Mydoom is worse than Mydoom.a,” Dunham said in a statement via e-mail. “And an attack on the Microsoft.com Web site could cause a significant disruption of services for users worldwide. It’s feasible that Mydoom.a computers are now being used to help launch Mydoom.b, via the proxy setup supported by the worm. If this is the case, Mydoom.b will likely become very prevalent in the wild in just a few short hours.”
Although that doesn’t mean millions of computers are actually infected, it could mean millions of e-mails harboring the worm are in the wild, Dunham said.
He said computer users should be on guard for a succession of worm attacks this year. “Undoubtedly, attackers are now mirroring the success of worms like Sobig to launch successive attacks in 2004,” Dunham said.
Modifying your HOSTS file to block access to various websites is pretty easy to do as it’s just a standard text file and I’m actually surprised no one thought of it sooner. It’s no big deal to most true computer geeks, but it’ll stump the hell out of the average user. Yep, it looks like it’s going to be a bumper crop this year.