Zindos: MyDoom.O's 2nd stage attack
Tuesday July 27, 2004
The backdoor left in place by MyDoom.O infections appears to be deliberately targeted and exploited by the same author, via the newly discovered Zindos worm. The new worm seeks out port 1034, left open by MyDoom.O, and is then uploaded and executed. Once established on the system, Zindos launches a Distributed Denial of Service (DDoS) attack against the microsoft.com website. To do so, Zindos queries the local DNS server for the IP address of microsoft.com, then begins sending GET requests to the site via TCP port 80.
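The three stages described above (an inbound connection on port 1034, a DNS lookup for microsoft.com, then a stream of port-80 requests to the resolved address) can be correlated per host in network telemetry. The following Python is an added example, not part of the original post; the record layout, the sample addresses (documentation ranges), and the burst threshold and window are assumptions.

```python
from collections import defaultdict, deque

BACKDOOR_PORT = 1034          # port named in the write-up
TARGET_NAME = "microsoft.com"  # DDoS target named in the write-up
HTTP_PORT = 80

def make_sample_events():
    """Constructed flow/DNS records, not real telemetry.
    conn: (ts, "conn", src, dst, dst_port)   dns: (ts, "dns", src, name, answer_ip)"""
    ev = [
        (100, "conn", "198.51.100.7", "10.0.0.5", BACKDOOR_PORT),  # inbound to backdoor
        (130, "dns", "10.0.0.5", TARGET_NAME, "203.0.113.10"),
        (100, "dns", "10.0.0.9", TARGET_NAME, "203.0.113.10"),     # ordinary browsing host
        (101, "conn", "10.0.0.9", "203.0.113.10", HTTP_PORT),
        (102, "conn", "10.0.0.9", "203.0.113.10", HTTP_PORT),
    ]
    # 30 port-80 connections from 10.0.0.5 within about six seconds
    ev += [(131 + i // 5, "conn", "10.0.0.5", "203.0.113.10", HTTP_PORT)
           for i in range(30)]
    return sorted(ev, key=lambda e: e[0])

def find_suspect_hosts(events, threshold=20, window=10):
    """Return hosts that show all three stages in order:
    inbound connection on 1034, lookup of the target, port-80 burst to the answer.
    threshold/window (connections per seconds) are assumed tuning values."""
    backdoor_hit = {}             # host -> time of first inbound connection on 1034
    target_ips = {}               # host -> addresses returned for the target afterwards
    recent = defaultdict(deque)   # host -> timestamps of recent matching connections
    suspects = set()
    for ts, kind, src, a, b in events:
        if kind == "conn" and b == BACKDOOR_PORT:
            backdoor_hit.setdefault(a, ts)          # a is the destination host
        elif kind == "dns" and a == TARGET_NAME and src in backdoor_hit:
            target_ips.setdefault(src, set()).add(b)
        elif kind == "conn" and b == HTTP_PORT and a in target_ips.get(src, ()):
            q = recent[src]
            q.append(ts)
            while q and ts - q[0] > window:         # keep only the sliding window
                q.popleft()
            if len(q) >= threshold:
                suspects.add(src)
    return sorted(suspects)

if __name__ == "__main__":
    print(find_suspect_hosts(make_sample_events()))
```

Requiring the earlier inbound connection on port 1034 keeps hosts that merely browse the site heavily from being flagged.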

