What caused the W32 Nimda virus?


In the months before and after September 11, 2001, the United States was bombarded with cyber attacks. In July of 2001, a worm was observed on computers running Microsoft's IIS (Internet Information Services) web server. The worm spread by exploiting a common type of vulnerability known as a buffer overflow: it used a long string of the repeated character 'N' to overflow a buffer, which allowed the worm to execute arbitrary code and infect the machine. On July 19, 2001, the number of infected hosts reached over 350,000 zombies. U.S. intelligence discovered that a coordinated attack was being made against the U.S. Government's servers.
At a specific time, all of the infected computers were going to send multiple pings toward the U.S. Government's server, which could cause grave damage. The plan was discovered and the servers were successfully shut down during the attack. In August of 2001, a second computer worm was released on the Internet. It received the name Code Red II. Whereas the original worm tried to infect computers at random, Code Red II tried to infect machines on the same subnet as the infected machine. The source of these computer viruses remains a mystery.
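The long string of a repeated character described above leaves a recognizable trace in web server logs. The following is an added example, not code from the original page: a small detector that flags requests whose query string contains a long run of one character, including percent-encoded filler. The log layout, the sample lines, and the `MIN_RUN` threshold are assumptions made for illustration.

```python
from itertools import groupby
from urllib.parse import unquote_to_bytes

MIN_RUN = 64  # assumed threshold; tune against your own traffic

# Constructed sample lines (client, method, request target, status).
SAMPLE_LOG = [
    "192.0.2.10 GET /index.html?lang=en 200",
    "198.51.100.7 GET /app/page?" + "N" * 224 + "=x 200",
    "203.0.113.5 GET /img/logo.gif 304",
    "198.51.100.9 GET /app/page?pad=" + "%4e" * 100 + " 500",
    "malformed line",
]

def longest_run(data: bytes):
    """Return (byte value, length) of the longest run of one repeated byte."""
    best_byte, best_len = None, 0
    for byte, group in groupby(data):
        length = sum(1 for _ in group)
        if length > best_len:
            best_byte, best_len = byte, length
    return best_byte, best_len

def scan(lines, min_run=MIN_RUN):
    """Flag requests whose query string holds a long single-character run."""
    findings = []
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed layout
        client, _method, target, _status = parts
        # Percent-decode first so an encoded filler (%4e == 'N') is still counted.
        query = unquote_to_bytes(target.partition("?")[2])
        byte, length = longest_run(query)
        if length >= min_run:
            findings.append((client, chr(byte), length))
    return findings

if __name__ == "__main__":
    for client, char, length in scan(SAMPLE_LOG):
        print(f"{client}: {length} x {char!r} in query string")
```

A hit is a lead for review rather than proof of compromise; the server's patch level determines whether such a request could actually overflow anything.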

