Nimda worm wriggles throughout Asia

Most of Asia has been put on worm alert as W32.Nimda, a mass-mailing worm, greeted users Wednesday morning by infecting their address books, computers and servers.

Nimda, which tops the high-risk list of anti-virus vendors' Web sites, is believed to be more widespread and costly than the Code Red viruses that caused an estimated US$2.6 billion in recovery costs, according to Network Associates Inc. (NAI), parent of anti-virus vendor, McAfee.

"We've received seven times the call volume in the Asia-Pacific region today, compared to any regular day," said Ric Byrnes, director of support and services for NAI Asia-Pacific.

Traffic on NAI's own Web site was so heavy that it had to put out an apology for slow page display.

The worm does not discriminate between users and has affected both enterprise and home computers, Byrnes said. The "cocktail virus" the worm contains can spread via e-mail, and has the potential to generate so much Internet traffic that it slows down networks, he said.

Once Nimda infects a machine, it attempts to reproduce itself in three ways. It has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. It also scans unpatched Internet Information Servers (IIS) looking for vulnerability and then attacks those servers. Finally, it searches for shared disk drives and tries to reach those devices, an NAI statement said.

However, a patch to the vulnerability that it exploits in Microsoft IIS has been available since the Code Red worm outbreak, and those who updated their anti-virus software would have been protected.

Ironically, Microsoft Co. Ltd. in Japan said MSN Japan servers were infected at 11pm Tuesday night for about an hour. The company warned that anyone who browsed the pages at that time might be infected.

The hour immediately after 11pm is the busiest time on Japan's Internet because NTT DoCoMo Inc.'s night-time rate telephone charges and flat-rate Internet access services start from 11pm.

Microsoft could not be reached for comment.

Also, Kyodo News Service said in a report that its servers were infected and also said those of the Chunichi Shimbun (newspaper) in Central Japan, Waseda University in Tokyo and Yamanashi Gakuin University were infected.

According to David Banes, regional manager for Symantec Corp.'s Emergency Response Team in Asia, there were Nimda reports from New Zealand, Australia, and Hong Kong.

Worms have become a trend in recent months. Just as there were macro viruses that attacked Microsoft Word documents and Microsoft Excel spreadsheets a few years ago, and Flash viruses, such as NakedWife.exe, worms are the "trend of the day," NAI's Byrnes said. "The danger is that (Nimda) has the ability to work through the Internet and intranets, as opposed to just e-mail," he said.

While some Internet security experts had warned of the potential for increased virus activity after last week's attacks on the World Trade Center and the Pentagon, there is no evidence that links Nimda to the U.S. attacks, anti-virus vendors said.

NAI said that customers should adopt a multilayered anti-virus strategy, to protect both e-mail as well as their Internet gateway points.

The impact of the Nimda worm in Asia-Pacific is still unknown, especially since virus writers could still pull apart the existing worm and create variants, Byrnes said.

"How quickly Nimda spreads is dependent on how many users have been exposed and how many have patched their systems," Symantec's Banes said. "As more people become aware and update their anti-virus software, you would hope the spread will slow down."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Stephanie Sim

Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?