A new version of the Windows Mydoom e-mail worm is circulating on the Internet, according to warnings from antivirus companies.
The worm, named Mydoom-B, is similar to a worm that appeared on Monday, but contains a scheduled denial of service (DOS) attack against Microsoft Corp.’s Web site and a feature that blocks access to antivirus Web sites on infected machines, according to warnings from antivirus companies Wednesday.
The new worm appeared on Wednesday and was rated a “Level 2” outbreak by F-Secure Corp., of Helsinki, indicating the virus is causing a large number of infections, but is not yet a worldwide outbreak.
Antivirus company Kaspersky Labs Ltd. of Moscow issued an alert Wednesday, also, saying it has received reports of infections by Mydoom-B.
The new variant is not significantly different from the first Mydoom, but is larger and contains the following message buried in the worm’s code: “sync-1.01; andy; I’m just doing my job, nothing personal, sorry.”
Like the first Mydoom, also known as “Novarg,” the B version is scheduled to launch its denial of service attacks on Feb. 1, though machines infected with the B variant will send traffic to both www.microsoft.com and www.sco.com, Kaspersky said in the alert.
The new worm may be seeded by the hundreds of thousands of machines infected with the first Mydoom, setting the stage for a large outbreak, Kaspersky said.
The Mydoom worm variants do not directly affect Macintosh computers, although Mac users may see e-mail and attachments sent to them by infected Windows machines.
Information for this article was also contributed by Peter Cohen.