Two worms that take advantage of computers whose security has already been compromised started spreading on Monday, antivirus software companies warned.

The two opportunistic programs -- dubbed Doomjuice and Deadhat -- threatened only those users still infected with a version of the MyDoom virus, and didn't pose a major problem for businesses that had previously cleaned systems infected with the virus, the companies said.

"There are only about 50,000 or 75,000 machines left that are infected," said Vincent Gullotto, vice president for antivirus and vulnerability emergency response team at Network Associates.

Doomjuice, whose spread has been moderate, attempts to direct any re-infected PC to attack Microsoft's Web site, Gullotto said. The re-invigorated attack may be responsible for making Microsoft's site inaccessible on Sunday night and early Monday morning, according to Internet performance measurement firm Netcraft.

By Robert Lemos at ZDNet.

[ Read more ]

Related items

• Software: MyDoom Removal Tool
• Virus News: Novarg: New Worm - New Epidemic (28 January 2004)
• Virus News: Mydoom Worm Spreading Fast, Sophos Warns (27 January 2004)
• Virus News: New "Mydoom" Worm Launching a World-Wide Attack (27 January 2004)
• Virus News: Central Command Warns of New Worm Named Worm/MyDoom (27 January 2004)
• Review: Viruses Revealed (28 April 2003)