Nimda

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Nimda Virus
Technical nameAvast: Win32:Nimda
Avira: W32/Nimda.eml
BitDefender: Win32.Nimda.A@mm
ClamAV: W32.Nimda.eml
Eset: Win32/Nimda.A
Grisoft: I-Worm/Nimda
Kaspersky: Net-Worm.Win32.Nimda or I-Worm.Nimda
McAfee: Exploit-MIME.gen.ex
Sophos: W32/Nimda-A
Symantec: W32.Nimda.A@mm
TypeMulti-vector worm
Point of originChina (alleged)
Author(s)Multiple authors; one serving prison time [1]
Operating system(s) affectedWindows 95XP
Written inC++[2]

Nimda is a malicious file-infecting computer worm. It quickly spread, surpassing the economic damage[citation needed] caused by previous outbreaks such as Code Red.

The first released advisory about this thread (worm) was released on September 18, 2001.[3] Due to the release date, exactly one week after the attacks on the World Trade Center and Pentagon, some media quickly began speculating a link between the virus and Al Qaeda, though this theory ended up proving unfounded.[citation needed]

Nimda affected both user workstations (clients) running Windows 95, 98, NT, 2000, or XP and servers running Windows NT and 2000.[3]

The worm's name comes from the reversed spelling of "admin".[citation needed]

F-Secure found the text "Concept Virus(CV) V.5, Copyright(C)2001 R.P.China" in the Nimda code, suggesting its country of origin. However, they also noted that a computer in Canada was responsible for an October 11, 2001 release of infected emails alleging to be from Mikko Hyppönen and Data Fellows (F-Secure's previous name).[4]

Methods of infection[edit]

Nimda proved effective partially because it—unlike other infamous malware like Code Red—uses five different infection vectors:

See also[edit]

References[edit]

  1. ^ "Ten years on from Nimda". TheRegister.com. September 17, 2011. Retrieved October 27, 2020.
  2. ^ "Information about the Network Worm "Nimda"". Kaspersky Lab. Kaspersky.com. September 18, 2001. Archived from the original on August 7, 2016. Retrieved June 4, 2016.
  3. ^ a b "CA-2001-26: Nimda Worm". CERT Coordination Center. Carnegie Mellon University. September 18, 2001. Archived from the original on February 26, 2014.
  4. ^ "Net-Worm: W32/Nimda Description". F-Secure Labs. F-secure.com. Retrieved June 4, 2016.
  5. ^ "Kurt Seifried - LASG / Introduction to security". Seifried.org. Retrieved June 4, 2016.
  6. ^ Chen, Thomas M.; Robert, Jean-Marc (2004). "The Evolution of Viruses and Worms". In Chen, William W.S (ed.). Statistical Methods in Computer Security. doi:10.1201/9781420030884. ISBN 9780429131615.

External links[edit]