The SCO Group’s web site was offline again this evening, as the company issued a statement saying it is experiencing a denial of service attack (DDoS). SCO also offered a $250,000 reward for information leading to the conviction of the author of the fast-spreading MyDoom worm, which is programmed to attack the SCO web site. The source of the outage at sco.com is unclear, as the DDoS component of MyDoom is not triggered until Feb. 1.
A dynamically updating graph is available here.
SCO said it is working with the U.S. Secret Service and FBI to investigate the reported DDoS today, as well as the origins of the MyDoom virus. The company has attributed several web site outages to outside attacks since it began a legal case alleging the Linux OS violates SCO's Unix copyrights. SCO president and CEO Darl McBride said MyDoom presented a more serious issue than earlier incidents. "The perpetrator of this virus is attacking SCO, but hurting many others at the same time," said McBride. "We do not know the origins or reasons for this attack, although we have our suspicions."
Open source advocate Bruce Perens called on the Linux community to temper its rhetoric and avoid gloating over the prospect of a DDoS on SCO. "Do not cheer on attacks on the SCO site," Perens wrote. "By doing so, you falsely implicate our community in the attacks, in the eyes of outsiders who read your words."
MyDoom has become the fastest-spreading e-mail malware ever, according to security firm MessageLabs, which said it intercepted 1.2 million copies of the worm in its first 24 hours of circulation, compared to 1 million for last year's SoBig virus.
While MyDoom's DDoS capability currently targets SCO, Internet security experts worry that the potentially huge network of infected machines could be harnessed by other malware authors. "Its success and back door Trojan component could further increase the prevalence of open proxies for nefarious purposes," said Mark Sunner, chief technology officer at MessageLabs.