For most of this week, prominent Web sites in both South Korea and the United States have been being bombarded by DDoS (Distributed Denial of Service) attacks. At times, these assaults have knocked out multiple major sites. North Korea has been taking the blame for these attacks, but no one has any proof yet. What we do know is that the weapon that’s doing this damage is compromised Windows PCs.
Tens of thousands of Windows PCs have been taken over by an unknown botnet master. He or she is using an updated version of the ancient MyDoom Windows worm to make the attacks.
Let me put this in context. MyDoom dates from January 2004. It’s pre-historic by malware standards.
MyDoom, unlike most malware, such as Conficker was never meant to steal your credit-card numbers and the like. No, MyDoom, from its start as a DDoS attack dog aimed at SCO, was designed to wreck Web sites and, after it had done its work, blast your hard drive into randomized 1s and 0s.
Even today’s versions are primitive, brutally simple in its attacks, and, of course, powered by Windows. Without Windows, and its endless security holes, MyDoom couldn’t even exist, never mind thrive.