The teams behind the Netsky and Mytob malware seem to be locked in a battle with each other, trying to see who can get the most machines infected. The groups behind Netsky.q and Mytob.c are not only trying to spread their own malicious code, they are working to remove the malware of competing worms from target machines, as each group struggles to be the sole owner of each zombie. Infected zombie machines are used in denial of service attacks, spamming, phishing and even in identify theft.
Mytob and Zotob may spread in different ways, but the source code is very similar,' commented Carole Theriault, security consultant at Sophos. 'Moreover, the Zotob author's nickname, Diabl0, appears in more than twenty of the Mytob variants, suggesting that they may have been created by the same person. One thing is for sure - Mytob is still causing chaos in organisations that haven't updated their virus protection and patched software vulnerabilities.'