MyDoom Virus Returns with a Vengeance – DDoS Attacks on US and S. Korean Web Sites

- July 8th, 2009

 

An updated virus (MyDoom)- not a botnet is responsible for the DDoS attacks against US and South Korean websites this past weekend. The virus discovered back in 2004 has been updated to now include a list of websites that have become targets of a DDoS attack as the virus spreads.

The list of Web sites can be updated remotely; the current list of Web sites attacked by MyDoom include:
www.president.go.kr
www.mnd.go.kr
www.mofat.go.kr
www.assembly.go.kr
www.usfk.mil
blog.naver.com
mail.naver.com
banking.nonghyup.com
ezbank.shinhan.com
ebank.keb.co.kr
www.hannara.or.kr
www.chosun.com
www.auction.co.kr
www.whitehouse.gov
www.faa.gov
www.dhs.gov
www.state.gov
www.voanews.com
www.defenselink.mil
www.nyse.com
www.nasdaq.com
finance.yahoo.com
www.usauctionslive.com
www.usbank.com
www.washingtonpost.com
www.ustreas.gov
www.whitehouse.gov
fwww.aa.gov
evisaforms.state.gov
www.moneyfactory.gov
www.dot.gov
www.ftc.gov
www.nsa.gov
www.usps.gov
www.voa.gov
www.yahoo.com
travel.state.gov
www.nyse.com
www.site-by-site.com
www.marketwatch.com
www.amazon.com

Given the list of targets only included US and South Korean sites, at this point it’s widely believed that it is sympathizers to North Korea that are behind this attack but we’re still digging in (as are our fellow security compatriots) to see what further data points we can uncover to support that theory.


About the Author

is one of the world’s foremost global information security and computer forensic experts in the industry. With more than 20 years of experience, Henry is a seasoned speaker, author and contributor for some of the leading security events and publications.

Follow Paul on Twitter @phenrycissp





Comments

Leave a Reply


IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Comments


Share

blog.lumension.com