Nimda worm wriggles throughout Asia

Most of Asia has been put on worm alert as W32.Nimda, a mass-mailing worm, greeted users Wednesday morning by infecting their address books, computers and servers.

Nimda, which tops the high-risk list of anti-virus vendors' Web sites, is believed to be more widespread and costly than the Code Red viruses that caused an estimated US$2.6 billion in recovery costs, according to Network Associates Inc. (NAI), parent of anti-virus vendor, McAfee.

"We've received seven times the call volume in the Asia-Pacific region today, compared to any regular day," said Ric Byrnes, director of support and services for NAI Asia-Pacific.

Traffic on NAI's own Web site was so heavy that it had to put out an apology for slow page display.

The worm does not discriminate between users and has affected both enterprise and home computers, Byrnes said. The "cocktail virus" the worm contains can spread via e-mail, and has the potential to generate so much Internet traffic that it slows down networks, he said.

Once Nimda infects a machine, it attempts to reproduce itself in three ways. It has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. It also scans unpatched Internet Information Servers (IIS) looking for vulnerability and then attacks those servers. Finally, it searches for shared disk drives and tries to reach those devices, an NAI statement said.

However, a patch to the vulnerability that it exploits in Microsoft IIS has been available since the Code Red worm outbreak, and those who updated their anti-virus software would have been protected.

Ironically, Microsoft Co. Ltd. in Japan said MSN Japan servers were infected at 11pm Tuesday night for about an hour. The company warned that anyone who browsed the pages at that time might be infected.

The hour immediately after 11pm is the busiest time on Japan's Internet because NTT DoCoMo Inc.'s night-time rate telephone charges and flat-rate Internet access services start from 11pm.

Microsoft could not be reached for comment.

Also, Kyodo News Service said in a report that its servers were infected and also said those of the Chunichi Shimbun (newspaper) in Central Japan, Waseda University in Tokyo and Yamanashi Gakuin University were infected.

According to David Banes, regional manager for Symantec Corp.'s Emergency Response Team in Asia, there were Nimda reports from New Zealand, Australia, and Hong Kong.

Worms have become a trend in recent months. Just as there were macro viruses that attacked Microsoft Word documents and Microsoft Excel spreadsheets a few years ago, and Flash viruses, such as NakedWife.exe, worms are the "trend of the day," NAI's Byrnes said. "The danger is that (Nimda) has the ability to work through the Internet and intranets, as opposed to just e-mail," he said.

While some Internet security experts had warned of the potential for increased virus activity after last week's attacks on the World Trade Center and the Pentagon, there is no evidence that links Nimda to the U.S. attacks, anti-virus vendors said.

NAI said that customers should adopt a multilayered anti-virus strategy, to protect both e-mail as well as their Internet gateway points.

The impact of the Nimda worm in Asia-Pacific is still unknown, especially since virus writers could still pull apart the existing worm and create variants, Byrnes said.

"How quickly Nimda spreads is dependent on how many users have been exposed and how many have patched their systems," Symantec's Banes said. "As more people become aware and update their anti-virus software, you would hope the spread will slow down."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Stephanie Sim

Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Luke Hill


I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?