[Glen Millar]

Sophos virus experts have analysed and issued protection against W32/MyDoom-B, a new variant of the MyDoom worm.

The W32/MyDoom-B worm operates in a similar way to its predecessor, travelling via email attachments and the KaZaA file-sharing network. Unlike its predecessor, the worm attempts to stop infected computers from browsing anti-virus websites.

Between 1 February and 1 March 2004, there is a 20% chance that the worm will attempt a denial of service attack against www.sco.com, sending numerous GET requests to the web server. Between 3 February and 1 March 2004 there is a 30% chance that the worm will attempt the same denial of service attack against www.microsoft.com.

"Currently we do not believe that this new variant poses as high a risk as the now infamous original W32/MyDoom-A worm, but we will continue to monitor the situation," said Graham Cluley, senior technology consultant for Sophos. "It seems possible that this new version of the MyDoom worm is written by the same person. If convicted they could face severe punishment by the authorities."

"All internet users should ensure their computers have the latest anti-virus updates and are properly secured behind firewalls," continued Cluley.