Nimda (computer worm)

From Wikipedia, the free encyclopedia

You have new messages (last change).

Nimda is a computer worm, isolated in September 2001. It is also a file infector. It quickly spread, eclipsing the economic damage caused by past outbreaks such as Code Red. Due to the release date, some media quickly began speculating a link between the virus and Al Qaeda, though this relationship ended up being nothing but a conspiracy theory.

Nimda affected both user workstations (clients) running Windows 95, 98, Me, NT, or 2000 and servers running Windows NT and 2000.

The worm's name spelled backwards is "admin".

[edit] Methods of infection

Nimda was so effective partially because it - unlike other famous malware like the Morris worm or Code Red - uses 5 different infection vectors:

  • via email
  • via open network shares
  • via browsing of compromised web sites
  • exploitation of various Microsoft IIS 4.0 / 5.0 directory traversal vulnerabilities
  • via back doors left behind by the "Code Red II" and "sadmind/IIS" worms.

[edit] See also

[edit] External links

Malware logo    This malware-related article is a stub. You can help Wikipedia by expanding it.
Retrieved from "http://en.wikipedia.org../../../n/i/m/Nimda_%28computer_worm%29.html"
In other languages