digplanet beta 1: Athena
Share digplanet:

Agriculture

Applied sciences

Arts

Belief

Business

Chronology

Culture

Education

Environment

Geography

Health

History

Humanities

Language

Law

Life

Mathematics

Nature

People

Politics

Science

Society

Technology

Nimda Virus
Technical name Avast: Win32:Nimda
Avira: W32/Nimda.eml
BitDefender: Win32.Nimda.A@mm
ClamAV: W32.Nimda.eml
Eset: Win32/Nimda.A
Grisoft: I-Worm/Nimda
Kaspersky: Net-Worm.Win32.Nimda or I-Worm.Nimda
McAfee: Exploit-MIME.gen.ex
Sophos: W32/Nimda-A
Symantec: W32.Nimda.A@mm
Type Multi-vector worm
Point of origin China (alleged)
Operating system(s) affected Windows 95XP
Written in English

Nimda is a computer worm, also a file infector. It quickly spread, surpassing the economic damage caused by previous outbreaks such as Code Red. Nimda utilized several types of propagation techniques and this caused it to become the Internet’s most widespread virus/worm within 22 minutes.

The worm was released on September 18, 2001.[1] Due to the release date, exactly one week after the attacks on the World Trade Center and Pentagon, some media quickly began speculating a link between the virus and Al Qaeda, though this theory ended up proving unfounded.

Nimda affected both user workstations (clients) running Windows 95, 98, Me, NT, 2000 or XP and servers running Windows NT and 2000.

The worm's name origin comes from the reversed spelling of it, which is "admin".

F-Secure found the text[2] "Concept Virus(CV) V.5, Copyright(C)2001 R.P.China" in the Nimda code, suggesting its country of origin.

Methods of infection[edit]

Nimda was so effective partially because it—unlike other infamous malware like the Morris worm or Code Red—uses five different infection vectors:

  • via email
  • via open network shares
  • via browsing of compromised web sites
  • exploitation of various Microsoft IIS 4.0 / 5.0 directory traversal vulnerabilities. (Both Code Red and Nimda were hugely successful exploiting well known and long solved vulnerabilities in the Microsoft IIS server.[3])
  • via back doors left behind by the "Code Red II" and "sadmind/IIS" worms.

See also[edit]

References[edit]

  1. ^ https://www.cert.org/historical/advisories/CA-2001-26.cfm CERT first released an advisory on the worm on September 18, 2001
  2. ^ http://www.f-secure.com/v-descs/nimda.shtml
  3. ^ http://seifried.org/lasg/introduction-to-security/

External links[edit]


Original courtesy of Wikipedia: http://en.wikipedia.org/wiki/Nimda — Please support Wikipedia.
This page uses Creative Commons Licensed content from Wikipedia. A portion of the proceeds from advertising on Digplanet goes to supporting Wikipedia.
2014 videos foundNext > 

Nimda, Lion security hole, support scam bust, .CZ.CC takedown and RIP Steve - 60 Sec Security

Don't just read the latest security news - watch it in 60 seconds!

NIMDA Co

lyninx - nimda

「futurism」 iTunes: https://itunes.apple.com/us/album/futurism-ep/id970860145 Google Play: https://play.google.com/store/music/album/lyninx_Futurism… Amazon: http://www.amazon....

Nimda - Overgrowth [DUBSTEP] [FREE DOWNLOAD]

Download: https://soundcloud.com/damaged-sounds/nimda-overgrowth-ds-freebie Soundcloud: https://soundcloud.com/nimdaofficial Facebook: https://www.facebook.com/nimdaofficial Twitter: ...

lyninx  -  nimda  【VIP】

「futurism」 iTunes: https://itunes.apple.com/us/album/futurism-ep/id970860145 Google Play: https://play.google.com/store/music/album/lyninx_Futurism… Amazon: http://www.amazon....

Обзор вируса Nimda (Умнила среди червей)

Музыка: Spongebob Schwammkopf - Hor mal, Wer da spielt.

DJ Nimda - TenMinMix 3 - Electro House - RauteMusik.FM - 10.04.2010

DJ Nimda - TenMinMix 3 - 10.04.2010 (Hildesheim, Germany) Style: Electro House Visit www.DJ-Nimda.de Equipment: - 2x Denon DN-S 1000 - Pioneer DJM 400 - Allen & Heath Xone 92 - Technics...

M'NINDA - Le clip 100% Africain de Magic System

M'NINDA est extrait du nouvel album "Africainement Vôtre". Clip entièrement tourné en Afrique (MALI) dans un décor authentique Témoignage de l'attachement du groupe à ses origines Africaines...

DJ Nimda - TenMinMix 4 - Electro House - RauteMusik.FM - 24.07.2010

DJ Nimda - TenMinMix 4 - 24.07.2010 (Hildesheim, Germany) Style: Electro House Visit www.DJ-Nimda.de Equipment: - 2x Denon DN-S 1000 - Pioneer DJM 400 - Allen & Heath Xone 92 ...

Nimda Industrial Animation MVR

MVR Company: - Creating animations for the medical and industrial business firms. -Great expertise with producing promotional videos for any business industr...

2014 videos foundNext > 

917 news items

 
Bizcommunity.com
Tue, 24 Mar 2015 07:26:15 -0700

If you think you fit this type of working environment, then send us your CV to. moc.egami-aidem-eht@nimda. with a covering letter and please reference in the subject line (TMI001). If the reference is not there, then your email will be ignored ...
 
Register
Sat, 17 Sep 2011 02:01:01 -0700

Saturday marks the tenth anniversary of the infamous Nimda worm. Nimda (admin spelled backwards) was a hybrid worm that spread via infected email attachments and across websites running vulnerable versions of Microsoft's IIS web server software.
 
Naked Security
Thu, 15 Sep 2011 19:40:21 -0700

Boy, did Nimda show itself. It could spread every-which-way, and it did: by sending itself out to your email contacts; by breaking into web servers and infecting files all over your website; by spreading automatically across your network; and by ...

Deadline.com

Deadline.com
Mon, 08 Dec 2014 16:04:29 -0800

Jose Kuervo • on Dec 8, 2014 4:04 pm. Just remember this comment when the show turns out to be awesome. Can't wait to learn some more about Jor-El I and Nimda, Jor- El parents. nerdrage • on Dec 8, 2014 4:04 pm. I want a TV series about the second ...
 
Windows IT Pro (blog)
Tue, 25 Nov 2014 08:52:30 -0800

Cybercriminals are relentless in their efforts to cash in by compromising your network. It's a reality that's unlikely to change for the better—that's why your approach to security needs to change, Marc Thaler writes. Whenever you're searching for a ...

TechTarget

TechTarget
Thu, 25 Sep 2014 07:06:32 -0700

"That places it into Code Red/Nimda territory. A workable bug that can exploit public Web servers is scary. We don't know for sure, Rob doesn't know for sure, but it looks very, very possible," Mogull said. "Potential worms are like staring at the ...

Threatpost

Threatpost
Thu, 09 Oct 2014 12:30:08 -0700

The monthly patch cycle was just one output from TwC, which was formed in the ashes of Code Red, Nimda and hundreds of other network worms and email viruses that ran roughshod through vulnerabilities in Windows and other Microsoft software in the ...
 
ZDNet
Wed, 01 Oct 2014 05:04:20 -0700

The situation with the Shellshock bug is so fluid and complicated that even insiders have trouble keeping it all straight. These questions and answers may help you to understand the bug — actually "bugs" — and what you should do about them. The ...
Loading

Oops, we seem to be having trouble contacting Twitter

Support Wikipedia

A portion of the proceeds from advertising on Digplanet goes to supporting Wikipedia. Please add your support for Wikipedia!

Searchlight Group

Digplanet also receives support from Searchlight Group. Visit Searchlight