Computer experts are cautioning the U of T community not to open any unexpected email attachments as a virus known as a “worm” makes its way around the globe.
The MyDoom worm, also known as the Novarg worm, was first picked up by U of T Computer and Network Services Monday night, noted Bruce Rolston, manager of web and info services for the department of public affairs.
The worm is carried through email attachments with filenames ending with .bat, .cmd, .exe, .pif, .scr, and .zip.
According to Rolston, the worm is particularly tricky because it also attacks Zip files.
So far, the campus has remained relatively unscathed, a fact which Rolston attributes to user savviness. “People on this campus are getting smarter about these things,” he noted adding “Our advice is to avoid opening attachments unless you are expecting them.”
Many students have found their inboxes clogged with incomprehensible messages from unknown senders, but Rolston points out that this does not mean a computer has been infected. “Actual virus messages are quite rare,” he said, noting that the others are simply blowback as the worm tries to compromise new computers. “Don’t assume you’re necessarily infected just because you get these messages.”
According to early news reports, the worm’s target is SCO Group, Inc. a company waging a very public battle against Linux users. SCO claims the Linux operating system contains software violating the company’s intellectual property. Linux is an open-source system that rivals Unix, the system used by Microsoft. Linux is free, whereas Unix must be paid for.
The actual payload of the MyDoom attack is to be launched against SCO’s Web site on Feb. 1, where infected computers will all attempt to connect to the site. The flood of connections could potentially shut down the site. This is known as a distributed Denial of Service attack, or DDOS.
SCO Group is currently offering a $250,000 reward for the capture of MyDoom’s creator.
