Nimda worm wriggles throughout Asia

Most of Asia has been put on worm alert as W32.Nimda, a mass-mailing worm, greeted users Wednesday morning by infecting their address books, computers and servers.

Nimda, which tops the high-risk list of anti-virus vendors' Web sites, is believed to be more widespread and costly than the Code Red viruses that caused an estimated US$2.6 billion in recovery costs, according to Network Associates Inc. (NAI), parent of anti-virus vendor, McAfee.

"We've received seven times the call volume in the Asia-Pacific region today, compared to any regular day," said Ric Byrnes, director of support and services for NAI Asia-Pacific.

Traffic on NAI's own Web site was so heavy that it had to put out an apology for slow page display.

The worm does not discriminate between users and has affected both enterprise and home computers, Byrnes said. The "cocktail virus" the worm contains can spread via e-mail, and has the potential to generate so much Internet traffic that it slows down networks, he said.

Once Nimda infects a machine, it attempts to reproduce itself in three ways. It has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. It also scans unpatched Internet Information Servers (IIS) looking for vulnerability and then attacks those servers. Finally, it searches for shared disk drives and tries to reach those devices, an NAI statement said.

However, a patch to the vulnerability that it exploits in Microsoft IIS has been available since the Code Red worm outbreak, and those who updated their anti-virus software would have been protected.

Ironically, Microsoft Co. Ltd. in Japan said MSN Japan servers were infected at 11pm Tuesday night for about an hour. The company warned that anyone who browsed the pages at that time might be infected.

The hour immediately after 11pm is the busiest time on Japan's Internet because NTT DoCoMo Inc.'s night-time rate telephone charges and flat-rate Internet access services start from 11pm.

Microsoft could not be reached for comment.

Also, Kyodo News Service said in a report that its servers were infected and also said those of the Chunichi Shimbun (newspaper) in Central Japan, Waseda University in Tokyo and Yamanashi Gakuin University were infected.

According to David Banes, regional manager for Symantec Corp.'s Emergency Response Team in Asia, there were Nimda reports from New Zealand, Australia, and Hong Kong.

Worms have become a trend in recent months. Just as there were macro viruses that attacked Microsoft Word documents and Microsoft Excel spreadsheets a few years ago, and Flash viruses, such as NakedWife.exe, worms are the "trend of the day," NAI's Byrnes said. "The danger is that (Nimda) has the ability to work through the Internet and intranets, as opposed to just e-mail," he said.

While some Internet security experts had warned of the potential for increased virus activity after last week's attacks on the World Trade Center and the Pentagon, there is no evidence that links Nimda to the U.S. attacks, anti-virus vendors said.

NAI said that customers should adopt a multilayered anti-virus strategy, to protect both e-mail as well as their Internet gateway points.

The impact of the Nimda worm in Asia-Pacific is still unknown, especially since virus writers could still pull apart the existing worm and create variants, Byrnes said.

"How quickly Nimda spreads is dependent on how many users have been exposed and how many have patched their systems," Symantec's Banes said. "As more people become aware and update their anti-virus software, you would hope the spread will slow down."

Join the PC World newsletter!

Error: Please check your email address.

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Stephanie Sim

Show Comments

Cool Tech

D-Link PowerLine AV2 2000 Gigabit Network Kit

Learn more >

Crucial® BX200 SATA 2.5” 7mm (with 9.5mm adapter) Internal Solid State Drive

Learn more >

ASUS ROG Swift PG279Q – Reign beyond virtual world

Learn more >

D-Link TAIPAN AC3200 Ultra Wi-Fi Modem Router (DSL-4320L)

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Xiro Drone Xplorer V -3 Axis Gimbal & 1080p Full HD 14MP Camera

Learn more >

Gadgets & Things


Learn more >

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Family Friendly

ASUS VivoPC VM62 - Incredibly Powerful, Unbelievably Small

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Stocking Stuffer

Lexar Professional 2000x SDHC™/SDXC™ UHS-II cards

Learn more >

Lexar® Professional 1000x microSDHC™/microSDXC™ UHS-II cards

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Best Deals on PC World

Latest News Articles


GGG Evaluation Team

Kathy Cassidy


First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni


For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell


The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi


The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott


My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.


Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?