Mumbai: Making its debut on the net, alongside its cousins Mydoom.a and Mydoom.b, is the worm Doomjuice. It continues to target Microsoft, but apart from slowing down the Microsoft home site it hasn't been able to score the same 'denial of service' as it did with the site of software firm, SCO Inc.

According to McAfee, this worm attempts to spread to Mydoom.a and Mydoom.b infected systems, by entering in through the backdoor created by the Mydoom virus, but does not spread via email. Only the systems already infected with Mydoom are at risk.

Interestingly, security experts are pointing out that the fact that Doomjuice plants the source code for the original MyDoom virus, would suggest that the creator of this worm is also the writer of the original Mydoom virus. The virus copies itself to the windows system directory as intrenat.exe and creates a registry run key to load itself at system startup.

McAfee says that doomjuice drops an 'archived copy of the source for W32/Mydoom to the root of the system drive, the Windows directory and the Windows System directory.'

This, in the language of the layman, means that it places the source code for the original MyDoom virus on victims' hard drives, an action that security experts are describing as a possible attempt, by the original writer/s, to either cover their tracks, or to invite the world at large to participate in their attack.

By creating a whole army of PC users, the writers of the worm are not only muddying the waters for people who are trying to track them down, but also interestingly, increasing the number of people, who would now have access to the original source code.

This may, quite likely, tempt others to try out their own variation. Software firm SCO, and Microsoft, have already announced a cumulative bounty of $500,000 for information leading to the arrest of the authors of the worm, and so doomjuice is now clearly the next, and a very intriguing, gambit that has now been played out in this cat and mouse game.