The worm modifies the host file on the compromised system so that 65 Web sites resolve to the IP address of 0.0.0.0, making them inaccessible.
The list of affected sites include major names in the anti-virus and security trade, including Symantec, McAfee, F-Secure, Sophos, Network Associates, and Kaspersky Labs. Microsoft's Office Update and Windows Update, as well as other Microsoft download locations, are also on the list.
That makes it much more dangerous than its predecessor, said Ken Dunham, the malicious code director for security firm iDefense.
"This new variant is worse than Mydoom.a," he said, because the lack of access to security and anti-virus sites will make it impossible for many users, particularly consumers, to obtain updates to protect or clean their systems. "This will result in a longer lifespan for Mydoom.b," he said.
Dunham, along with other security experts, suspect that Mydoom.b is being launched from computers already infected with the original Mydoom.a. "If this is the case," said Dunham, "Mydoom.b will likely become very prevalent in just a few hours."
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
