PRESS RELEASE
Oslo, Norway 10 September 2004

A newly discovered variant of the MyDoom computer virus collects a so-called back door Trojan from a number of web sites, including one located in Norway, before distributing the Trojan to PC users on a global scale. The outbreak was initially discovered yesterday and since then anti virus specialist Norman has identified the Norwegian web site and had it shut down in order to limit the potential damage.

The MyDoom virus spreads through e-mail and is characterised by its ability to install a so-called back door on the infected PC without the user’s knowledge. The back door enables a third party to use the PC for a number of operations including but not limited to the distribution of spam. These characteristics mean that the MyDoom virus is non-discriminatory and causes damage to private users as well as organizations.

The virus utilizes eight different download sites for the back door, only one of which is still active and work is in progress to shut down this final site. It is believed that the Norwegian website, belonging to an individual situated on Norway’s west coast, was in fact hacked and the back door installed remotely via the Internet.