Re: CNN.com - Aggressive new worm threatens Web users FBI Investiigating September 18, 2001

[Guest guest]

is there a difference between a computer virus and a computer worm?

Shireen

>From: " JJCathcart " <JJCATHCART@...>

>Reply-

><PBC_Digest-owner >, < >

>Subject: [ ] CNN.com - Aggressive new worm threatens Web users

> FBI Investiigating September 18, 2001

>Date: Tue, 25 Sep 2001 14:47:52 -0400

>

>

>

> http://www.cnn.com/2001/TECH/internet/09/18/internet.attack/index.html

>

>

>

>

>

>

>

>

>

>

>

> Aggressive new worm threatens Web users

> September 18, 2001 Posted: 4:44 PM EDT (2044 GMT)

>

>

>

>

>--------------------------------------------------------------------

>

>

>

>--------------------------------------------------------------------

>

> WASHINGTON (CNN) -- The FBI is investigating a new computer worm

>that surfaced Tuesday and is considered so aggressive that computer

>security experts urged people not to surf the Web until they have updated

>their antivirus programs.

>

> Internet users could infect their computers simply by visiting an

>infected Web page, experts warned. What's unusual about this worm, dubbed

> " Nimda, " is that it can be activated in many different ways. Nimda can be

>triggered through some well-known actions, such as clicking on an e-mail

>attachment or running an executable program. The ability to spread through

>a compromised Web page is unusual.

>

> But some aspects of this worm should serve as red flags.

>

>

>

>

> >>>EXCERPT

>

> The FBI's National Infrastructure Protection Center is investigating

>the case with the cooperation of industry organizations, officials told

>CNN. One federal law enforcement official said there was no indication the

>worm may be related to terrorism, but that it was too early to know the

>origin of the Internet attack. The worm was first reported about 9 a.m. EDT

>from a site in Norway, Gullotto, head virus fighter at McAffee.com,

>told The Associated Press.

>

> " Nimda " is similar to " Code Red, " but security experts warned it

>could do more damage because it is more likely to affect more computers.

> " Code Red " attacked only servers and through only one security hole.

>

> By comparison, the new worm can affect any desktop computer or

>server running Microsoft Windows software, said Tippett, of the

>computer security firm TruSecure. It exploits a flaw in the e-mail program

>Outlook Express and it tries to wriggle in through 16 known vulnerabilities

>in Microsoft's Internet Information Services software (IIS) 4 or 5,

>including the security hole " Code Red II " left in some computers.

>

> " Nimda " may masquerade as a sound or .wav file. When a user opens

>the underlying file, called " readme.exe, " the program opens the computer's

>hard drive, allowing the computer to be accessed by third parties via the

>Internet, explained Dan Ingevaldson, of Internet Security Systems. The worm

>can also e-mail itself to everyone in the user's computer-based address

>book. Ingevaldson said experts are still trying to determine whether the

>worm directly harms hard drives.

>

> Demogines of Panda Software said the problems seen as of Tuesday

>relates to productivity rather than any specific destruction of files.

>

> " Customers' servers are bogged down, their executables are not

>working, they can't get to their files, which means they basically can't do

>their work, " he told CNN.

>

> Last week, after the terrorist attacks on the World Trade Center and

>Pentagon, the FBI warned there could be an increase in hacking incidents.

>The agency urged computer users to update antivirus software and security

>patches and to be cautious online.

>

>

>

>

>

>

>

>

>

>

>

>

>

_________________________________________________________________

Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp