Hey guys...I pulled this off of CNN.com after the company I work at got
infected. It's a bad one. All you need to do is visit an infected website
to get it.
A girl here downloaded a song it was attached to from morpheous and
imediatly every computer on our network was also infected. Shitty thing is
that there is no fix for it yet...
WASHINGTON (CNN) -- The FBI is investigating a new computer worm that
surfaced Tuesday and is considered so aggressive that computer security
experts urged people not to surf the Web until they have updated their
antivirus programs.
Internet users could infect their computers simply by visiting an infected
Web page, experts warned. What's unusual about this worm, dubbed "Nimda," is
that it can be activated in many different ways. Nimda can be triggered
through some well-known actions, such as clicking on an e-mail attachment or
running an executable program. The ability to spread through a compromised
Web page is unusual.
But some aspects of this worm should serve as red flags.
"An e-mail with gibberish in the subject line, or an attachment on a blank
e-mail just about cries out, 'Hey, open me, I'm a virus," Steve Demogines,
director of tech support for Panda Software, told CNN on Tuesday.
The FBI's National Infrastructure Protection Center is investigating the
case with the cooperation of industry organizations, officials told CNN. One
federal law enforcement official said there was no indication the worm may
be related to terrorism, but that it was too early to know the origin of the
Internet attack. The worm was first reported about 9 a.m. EDT from a site in
Norway, Vincent Gullotto, head virus fighter at McAffee.com, told The
Associated Press.
"Nimda" is similar to "Code Red," but security experts warned it could do
more damage because it is more likely to affect more computers. "Code Red "
attacked only servers and through only one security hole.
By comparison, the new worm can affect any desktop computer or server
running Microsoft Windows software, said Peter Tippett, of the computer
security firm TruSecure. It exploits a flaw in the e-mail program Outlook
Express and it tries to wriggle in through 16 known vulnerabilities in
Microsoft's Internet Information Services software (IIS) 4 or 5, including
the security hole "Code Red II" left in some computers.
"Nimda" may masquerade as a sound or .wav file. When a user opens the
underlying file, called "readme.exe," the program opens the computer's hard
drive, allowing the computer to be accessed by third parties via the
Internet, explained Dan Ingevaldson, of Internet Security Systems. The worm
can also e-mail itself to everyone in the user's computer-based address
book. Ingevaldson said experts are still trying to determine whether the
worm directly harms hard drives.
Demogines of Panda Software said the problems seen as of Tuesday relates to
productivity rather than any specific destruction of files.
"Customers' servers are bogged down, their executables are not working, they
can't get to their files, which means they basically can't do their work,"
he told CNN.
Last week, after the terrorist attacks on the World Trade Center and
Pentagon, the FBI warned there could be an increase in hacking incidents.
The agency urged computer users to update antivirus software and security
patches and to be cautious online.
The Associated Press & Reuters contributed to this report.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
