Additionally, the Symantec DeepSight Threat Analyst Team has increased the global ThreatCon from Level 1 to 2 due to the number of sample submissions Symantec has received and because of the malicious nature of the backdoor that the Trojan installed. Symantec’s ThreatCon rating provides a digital weather forecast of Internet Security.
The worm will also attempt to perform a denial-of-service attack between Feb. 1 and Feb. 12, 2004 against www.sco.com. The worm creates 64 threads that send HTTP “GET” requests to the SCO site. SCO is a provider of software solutions for small- to medium-sized businesses and replicated branch offices.
Additional information on W32.Novarg@mm can be found on Symantec’s Web site.