MyDoom seeks to destroy antivirus firms

In worm's latest version, authors ridicule rival worm Netsky and promise to attack Symantec, McAfee and others.

Antivirus companies are perplexed by a spate of recent viruses that contain messages in which the writers threaten to attack them.

Worm writers are threatening to attack antivirus companies F-Secure, Symantec, Trend Micro and McAfee.

In the latest version of MyDoom--MyDoom.AE--the authors embedded a message ridiculing rival worm Netsky and promising to attack the antivirus companies.

The message has left antivirus companies unsure of what to expect.

"It remains to be seen what they mean by threatening to attack us," said Mikko Hypponen, director of antivirus research for F-Secure. "That might mean a denial-of-service attack. We've been a target before, but they haven't tried any recently."

Hypponen said the message included comments on previous viruses, poking fun at the Netsky writer Sven Jaschan for being arrested: "Because Jaschan has been arrested, he is no longer a player in the virus war. And MyDoom wanted to highlight they had won the war."

The message read: "Lucky's Av's ;P~. Sasser author gets IT security job and we will work with Mydoom, P2P worms and exploit codes. Also we will attack f-secure, symantec, trendmicro, mcafee, etc. The 11th of march is the skynet day lol. When the beagle and mydoom loose, we wanna stop our activity <== so="" Where="" is="" the="" Skynet="" now?="" lol."="" <="" p="">

The worm has yet to cause any significant damage because it was released over the weekend, Hypponen added.

On F-Secure's Web log, Hypponen wrote that he was astonished virus writers continued to create worms when they knew there was a $250,000 bounty for information leading to their capture.

Dan Ilett of ZDNet UK reported from London.