The SCO Group Inc. isnt taking the upcoming distributed denial-of-service attacks from the MyDoom worm lying down. The company on Tuesday offered a reward of as much as $250,000 for information leading to the arrest and conviction of the individual or individuals responsible for creating MyDoom.
The fast-moving Windows worm known as MyDoom began spreading over the Internet on Monday. However, analysis of the worm showed that it also planned to launch a denial-of-service attack on Unix vendor SCO in February.
“During the past ten months SCO has been the target of several DDOS attacks,” said Darl McBride, SCOs CEO in a prepared statement.
“This one [MyDoom] is different and much more troubling, since it harms not just our company, but also damages the systems and productivity of a large number of other companies and organizations around the world,” McBride continued, “The perpetrator of this virus is attacking SCO, but hurting many others at the same time. We do not know the origins or reasons for this attack, although we have our suspicions. This is criminal activity and it must be stopped.”
The Lindon, Utah-based SCO said it was also working with U.S. law enforcement authorities, including the Secret Service and Federal Bureau of Investigation, to determine the identity of the persons involved with the release of the worm.
According to Steven Sundermeier, vice-president for products and services for Central Command Inc., a leading anti-virus and security company, this isnt the first time that a firm offered a bounty for a virus writer. However, “[b]ased on past results, its not likely to work. Microsoft offered a similar deal and award, $250,000 for the writers of SoBig and Gibe but it amounted to nothing.”
Part of the problem, Sundermeier explains is “Were in a new era of virus writers. Theyre not there to make a reputation in virus circles or with script kiddies, but to make a malicious point. Their worms are stealthier than before and theyre creators are a lot more quiet.”
In theory, MyDoom wont start launching its DDoS attacks on SCOs Web site until February 1, but SCO on Tuesday reported that it had already experienced an attack. At press time on Tuesday afternoon, SCOs site was still accessible.
Sundermeier commented Central Command had yet to see any early attacks from the “live worms” in its labs. “On the other hand, these [current] DDoS attacks may not have anything to do with MyDoom.”