Technology > Tech Biz
Of worms and penguins?
The latest e-mail bug is targeting SCO Group, which is suing techs like IBM for Linux royalties.
January 28, 2004: 10:06 AM EST
By Paul R. La Monica, CNN/Money senior writer

Sign up for the Tech Biz e-mail newsletter

NEW YORK (CNN/Money) - Another day, another e-mail worm. But unlike the creators of past worms, it looks like the writers of the latest one, known as MyDoom, are not going after Bill Gates and his fellow merry knights of Windows.

Instead, they're targeting a little company known as SCO Group, a company that has made waves (and enemies) thanks to some high profile lawsuits it has filed in the past year.

SCO Group claims to own many of the copyrights to the Unix operating system. The company is claiming that Linux, an open source operating system that is becoming increasingly popular with corporations, contains some Unix code.

Hence, SCO wants royalties. So it's suing IBM, which sell versions of Linux. It is also suing Novell, another company that sells Linux software, for slander. This issue has created a storm of controversy in the Linux community. Some say that SCO's lawsuits could slow the adoption of Linux, which after years of hype, is finally starting to emerge as a legitimate alternative to Windows.

Slippery, slimy

So where does the worm come in? Chris Belthoff, senior security analyst with privately held anti-software firm Sophos, said that it looks like the main intention of MyDoom is to launch a denial of service attack against the Web site of SCO Group. "This appears to be a facet of the Linux war," said Belthoff. "This is the first time we've seen a virus or malicious code used in this legal battle."

A denial of service attack is caused by a flood of e-mails being directed towards a company's Web servers in the hopes of taking the site off-line. Such attacks have temporarily brought down e-commerce sites such as eBay and in recent years.

In the case of SCO, however, it would appear that a denial of service attack would be more symbolic than anything else since the company's main business -- besides suing rivals -- is selling Unix software to corporations.

According to Belthoff, the worm is designed to start sending a deluge of messages from certain infected machines to the SCO Web site on Feb. 1 and end on Feb. 12.

Recently in Tech Biz
Demand dividends!
Netflix: Feel-good hit
Online ads: The next generation
One Cingular sensation?

But the worm already seems to be having a small effect as some people who have been hit by the worm (such as me...Grrrr) have only been able to access the SCO Web site sporadically Tuesday. SCO confirmed in a press release late Tuesday that it was experiencing a denial of service attack and offered a $250,000 reward for information leading to the arrest and conviction of the writer or writers of MyDoom.

Brian Dunphy, senior manager of analysis operations for the managed security services group of anti-virus software firm Symantec said this worm has spread so quickly because it has disguised itself as an e-mail with a simple text file attachment, looking fairly benign. But once the attachment was opened, the worm would attempt to e-mail itself to everybody in the user's address book.

That makes MyDoom a drastically different animal than things like SoBig.F and Blaster, which affected many Microsoft users in 2003. In those cases, it looked like worm writers specifically targeted vulnerabilities in Microsoft's software. MyDoom also is spreading through so-called file sharing networks like music downloading site Kazaa.

Tech Biz
Worms and viruses
Computer Software
By Paul R. La Monica

This could be a big deal for SCO investors. Speculators have bid up shares of SCO (SCOX: Research, Estimates) since it filed its first lawsuit against IBM last March, on the hopes that it could wind up entitled to a lucrative stream of royalties from Linux users.

At the time, shares were trading at just $2.21. Since then, they've climbed as high as $22.29 and are now trading at about $15.75. But this meteoric rise has also attracted a fair amount of short sellers, which as of mid-December, controlled more than a quarter of SCO's available shares outstanding.

So far, MyDoom has not put a dent in SCO; the stock was actually up slightly Tuesday. But it would seem that SCO could be vulnerable for a pullback if these attacks continue. The legal battle for Linux royalties has just taken an ugly turn and it could be just the beginning.

"A lot of companies in the midst of Linux development have put their plans on hold because they don't want to be in a situation where they would have to owe SCO some royalties," said Mark Sunner, chief technology officer for MessageLabs, an e-mail security firm. "So you can see why there's an axe to grind."

Sign up to receive the Tech Biz column by e-mail.

Plus, see more tech commentary and get the latest tech news.  Top of page

How Apple got us to pay so much for the iPhone
iPhone XS and XS Max review: Apple's latest are the best yet. But do you need them?
European regulators are looking at how Amazon uses data
The final battle for Sky is underway
Papa John's possible new logo drops the apostrophe
Walmart discriminated against pregnant workers, federal agency says

graphic graphic