PracticePeople In PracticeKiller virus ravages internet

Killer virus ravages internet

Millions of internet surfers are in danger from a devastating virus which is currently spreading much more rapidly than Code Red, security experts warned today.

The virus, known as a self propagating worm called Nimda, which spells admin backwards, is particularly virulent as it can spread through email attachments, shared hard disks inside networks, or across the internet. It is doubly dangerous as it attacks both PCs and servers running Microsoft software.

An alert by TruSecure, which discovered the worm, said the rate of growth and spread is exceedingly rapid, significantly faster than any worm to date and much faster than Code Red.

TruSecure pointed out that Nimda sends itself by email, as SirCam does, and also scans for and infects web servers like Code Red does.

When Nimda, which is known to affect Windows 98, 2000, ME and NT, arrives in an email, it appears as an attachment named readme.exe.

‘This worm bites you right on the nose, you can get stung by browsing the internet or by opening an infected email,’ said Graham Cluley, senior technology consultant at Sophos Anti-Virus.

An FBI representative said the agency was ‘assessing the incident’, but so far it found no relationship between the online attack and last week’s US terrorist attacks.

Security firm Panda software said: ‘W32/Nimda.A@mm [alias Nimda] is a dangerous mass-mailing worm that runs automatically when the message that contains it is viewed through the preview pane. It spreads by email by means of a vulnerability in Internet Explorer 5 and the email clients Outlook and Outlook Express.’

Antivirus specialist McAfee said the worm attacks 16 known vulnerabilities in Internet Information Services (IIS) servers, including the security hole left by the recent Code Red II worm.

Experts at McAfee added that, using the vulnerability in Microsoft’s IIS web server software, the worm corrupts websites with malicious code. The worm then forwards itself by email to all addresses found on the user’s computer.

Infected sites may also display a web page prompting users to download an Outlook file containing the Nimda worm.

Experts said Nimda had appeared in Europe, Latin America and the US and was likely to spread to additional regions.

Links

The following links offer help on how to fix the Nimda virus:

Microsoft virus page

Symantec web advice

McAfee website

Related Articles

Is inefficiency stealing your time and money?

Accounting Firms Is inefficiency stealing your time and money?

6m Emma Smith, Managing Editor
CIMA elects new president

Institutes CIMA elects new president

6m Emma Smith, Managing Editor
Transparent currency trade: How to achieve costs visibility

Governance Transparent currency trade: How to achieve costs visibility

6m Emma Smith, Managing Editor
Introduction to KPMG UK’s new leadership team

Accounting Firms Introduction to KPMG UK’s new leadership team

6m Emma Smith, Managing Editor
EY appoints head of UK Infrastructure Asset Intelligence practice

Accounting Firms EY appoints head of UK Infrastructure Asset Intelligence practice

8m Emma Smith, Managing Editor
FRP Advisory expands operation with new office, partner appointments

Accounting Firms FRP Advisory expands operation with new office, partner appointments

10m Emma Smith, Managing Editor
Magma Group announces merger, partner promotions

Accounting Firms Magma Group announces merger, partner promotions

10m Emma Smith, Managing Editor
MHA MacIntyre Hudson advises on management buy-out

Accounting Firms MHA MacIntyre Hudson advises on management buy-out

10m Emma Smith, Managing Editor