New Zealand servers are being pounded by the latest Windows-based worm, known as MyDoom or Novarg.
The worm doesn't try to exploit a known hole in the Windows operating system, preferring to use the old fashioned approach of requiring a user to click on the attachment to trigger its payload. Apparently a large number of users are doing this as the virus is being rated as a highly infectious beast by the major anti-virus vendors, including Symantec and Network Associates. The worm attacks Windows 95, 98, Me, NT, 2000 and XP.
Allan Bell, marketing director for Network Associates Asia-Pacific, says the biggest impact of the worm is increased traffic in outbound email queues.
"It's a mass mailer, like most of the recent viruses we've seen, and this one tries to generate its own email addresses. That's leading to a lot of errors which will, we fear, clog up outbound email queues as they retry several times over."
Bell likens the impact potential to the SoBig virus, which took several months to bring under control, leading to a slow down in email delivery.
"It opens TCP port 3127 which suggests it's trying to remote access the user's PC in some way."
Bell says virus outbreaks are a security risk that can be learned from. While anti-virus software is vital, deploying desktop firewalls is also important.
"That way you can limit the applications that access the internet and that will mean even if you are infected it won't spread." Bell says users should ensure unused ports are blocked as well.
Telecom says it is blocking about 1000 viruses per minute.
Some reports suggest the worm will launch a denial of service attack on the home page of The SCO Group leading to something of a dilemma for Linux users posting to news aggregation site Slashdot. While there are those cheering on the virus, many are pointing out how bad it makes the open source community look.
SCO is engaged in a legal battle over ownership of the Linux code and has recently issued a licence for a number of flavours of the operating system.