Virus more powerful than Code Red infects Internet

MyCustomer.com
0

Yet another computer worm threatens to shut down PCs and network servers has spread across the Internet. Known as 'Nimda', the new virus spreads by sending infected emails and also appears able to infect websites.

"It seems to be very widespread," said Graham Cluley, senior technical consultant for Sophos Antivirus, "because it not only travels via email but contaminates websites as well."

The virus has attacked servers that use Microsoft's Windows 2000 or Windows NT operating-system software. Users of Windows 95, 98 or Me are not affected.

But the worm is also known to attack PCs. It comes through an email message as an attached file. While the body of the email may appear blank, it actually contains code to exploit vulnerabilities in the Windows programmes.

The virus attacks much more quickly than the previously warned of Code Red virus, which struck computers earlier in the summer. The Nimda virus strikes at 16 known vulnerabilities within the Windows programs, whereas Code Red was limited to just one 'hole'.

The virus is known to have taken down entire sites. The speed and vigour with which it spread has hampered antivirus experts' ability to stop it. They warn that computer users should not open emails with unexpected attachments.

The panic over Code Red in August began when a variant of the original worm infected more than 250,000 machines in only a few hours. Analysis after the outbreak revealed that the web traffic jams attributed to Code Red were due to a train crash in a tunnel that severed key net cables.

The US Federal Bureau of Investigation is investigating the worm, but US Attorney General John Ashcroft has said there was no evidence linking the worm to last week's terror attacks.

Computer security experts have warned that cyber mischief could increase in the wake of the terror attacks in the US, and hackers have responded to the terror incidents by launching high profile attacks.

A hacker going by the alias Fluffi Bunni broke into UK domain registrar NetNames computers and redirected traffic from thousands of websites to a page railing against religion and US economic imperialism. NetNames shut down their servers briefly to repair their systems.

The FBI also warned that a group of hackers calling themselves the Dispatchers were set to launch attacks against organizations associated with the perceived perpetrators of the 11 September, 2001 terror attacks.

The FBI said the group was targeting computer systems used by communications and finance firms and said they would ramp up their activities Tuesday 18 September.

UK National Infrastructure Security Co-ordination Centre

Share this content

Replies

Please login or register to join the discussion.

There are currently no replies, be the first to post a reply.