Hmm... Trend Micro confirms the part about targeting sco.com. I'd visit the official Sco site to see what they had to say, but oops! It's down.
Besides just targeting sco.com, though, it also "runs a backdoor component, which it drops as the file SHIMGAPI.DLL. The backdoor component opens port 3127 to 3198 to allow remote users to access and manipulate infected systems."
So in addition to targeting sco, the creators don't have a problem with being regular hackers and hurting everyone else unrelated to sco as well...
Aye, why use a toothpick where a sledgehammer will do!!
Rumor is that Microsoft is the next target...
I too tried to goto sco site and it was down! go figure!! If that was my company 24 hours down is unacceptable!!
FYI... The worm is not necessarily malicious to your PC only that it uses it to launch a "denial of service" attack from your PC. Of course it will bring down your mail servers too!! but not your PC...
You will just have a few more messages in your outbox/inbox...