MyDoom assault forces SCO off the net

Swamp Thing

SCO has pulled the plug on its main Web site in response to a huge DDoS initiated from PCs infected with the MyDoom worm last weekend.

In a statement, SCO said that its site was "flooded with requests beyond its capacity".

"This large scale attack, caused by the MyDoom computer virus that is estimated to have infected hundreds of thousands of computers around the world, is now overwhelming the Internet with requests to," said Jeff Carlon, worldwide director of Information Technology infrastructure, The SCO Group.

Rather than saying the attack was "overwhelming the Internet" it would be more accurate to say that the assault was swamping SCO's main site. The Internet, as a whole, is behaving normally. has been taken out of DNS records - effectively removing it from the Internet - in response to the DDoS attack. Netcraft reports that SCO may have taken this action under pressure from ISPs to put a stop to the http traffic been generated from infected machines.

SCO said it expects the attacks on its Web site to continue until February 12, when MyDoom-A is programmed to stop spreading or attacking the SCO site. The company said it would outline contingency plans it intends to take to defend against the MyDoom attack later today.

SCO has put up a $250,000 bounty for information leading to the arrest and conviction of the author of MyDoom-A. Since the appearance of MyDoom-A a less prolific variant, MyDoom-B, has been unleashed onto the Net.

MyDoom-B is programmed to launch DDoS attacks on both (not as previously reported) and

Both MyDoom-A and MyDoom-B infect only Windows machines. ®

Related Stories

Latest Email worm has SCO-facing payload
SCO posts $250,000 worm bounty

Sponsored: Analyzing the economic value of IBM FlashSystem