Nimda



An extremely effective denial-of-service worm that takes advantage of numerous security loopholes in Microsoft's Web server (IIS) and browser (IE) software. Meaning "admin" backwards, Nimda usurps disk space in both clients and servers by depositing unwanted files in local folders and network shares and attaching itself to executables.

Nimda infects vulnerable IIS servers by adding a line of JavaScript to common Web pages that, when browsed by any user on a client machine, causes a virus file (README.EXE) within an Outlook .EML file to be downloaded and executed automatically. Users must have Outlook installed for this bizarre event to work. Introduced in September 2001 and affecting more than a million machines, Nimda propagates to other servers via FTP and to other users by using its own SMTP forwarding engine to send the virus to all the mail recipients that it finds. It also makes the hard disks in the server shareable by anyone. Nimda-A was the first release of the virus and uses README.EXE and README.EML files. Nimda-B, released shortly thereafter, uses PUTA!!.SCR and PUTA!!.EML files instead. See Web Server Folder Traversal and MIME exploit.
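As an added example (not part of the original entry), this Python check triages a Web root and file shares for the two traces the entry describes: a script block in a Web page that names one of the .EML files, and files carrying the Nimda-A or Nimda-B names. The function names, sample paths and sample page contents are constructed for illustration, and the script line in the sample is a stand-in, not the worm's actual code.

```python
import re

# File names the entry attributes to Nimda-A and Nimda-B (compared case-insensitively).
NIMDA_FILES = {"readme.exe", "readme.eml", "puta!!.scr", "puta!!.eml"}
EML_NAMES = sorted(n for n in NIMDA_FILES if n.endswith(".eml"))

SCRIPT_RE = re.compile(r"<script\b[^>]*>(.*?)</script\s*>", re.I | re.S)

def script_hits(html):
    """Return (eml_name, script_body) for each script block naming a listed .EML file."""
    hits = []
    for match in SCRIPT_RE.finditer(html):
        body = match.group(1)
        for name in EML_NAMES:
            if name in body.lower():
                hits.append((name, body.strip()))
    return hits

def dropped_files(paths):
    """Return the paths whose base name matches a file name from the entry."""
    found = []
    for path in paths:
        base = re.split(r"[\\/]", path)[-1].lower()  # handle both separators
        if base in NIMDA_FILES:
            found.append(path)
    return found

def triage(pages, listing):
    """pages: {path: html text}; listing: iterable of file paths."""
    report = {"modified_pages": {}, "dropped_files": dropped_files(listing)}
    for path, html in pages.items():
        hits = script_hits(html)
        if hits:
            report["modified_pages"][path] = [name for name, _ in hits]
    return report

# Constructed sample data, not taken from a real host.
SAMPLE_PAGES = {
    "wwwroot/index.html": '<html><body>Welcome</body></html>\n'
                          '<script language="JavaScript">window.open("readme.eml");</script>',
    "wwwroot/about.html": "<html><body><script>var x = 1;</script>About</body></html>",
}
SAMPLE_LISTING = ["wwwroot/index.html", "wwwroot\\README.EML",
                  "share/docs/PUTA!!.SCR", "share/docs/readme.txt"]

if __name__ == "__main__":
    print(triage(SAMPLE_PAGES, SAMPLE_LISTING))
```

A file-name match alone is weak evidence, since README.EXE is a common name; a page hit combined with matching files in the same tree is the stronger signal.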
References in periodicals archive:
Nimda is a versatile worm that spreads not only via email, but also across network drives on local area networks.
The Nimda and CodeRed attacks, which gained much publicity in 2002, were two examples of threats that combined virus and worm propagation techniques with automated hacking capabilities in separate programs.
The ScanSafe service lets employees access web and instant messaging tools in a secure environment and protects against blended virus threats such as the Nimda worm which used the web as an entry point, according to a spokesperson for ScanSafe.
The Nimda virus attack prompted our company and its 400 employees in 13 regional offices to look for new options for developing a security plan.
Government agencies face ongoing security risks from viruses, worms and sophisticated blended threats, such as Code Red, Nimda and Klez, that target network vulnerabilities, rapidly infect via multiple means, compromise data and co-opt networks during coordinated cyber attacks.
A contract for 36 CV12 engines has been recently signed between Caterpillar and Nimda of Israel, the company responsible for integrating the powerpacks at VOP 025 Novy Jicin, which is a Czech government-owned facility.
But he stressed that little noticed in the aftermath of September 11 was a large-scale cyber-attack seven days later--the Nimda virus--that proved extremely costly to private industry.
The application runs on all Windows operating systems and can detect system scans and intrusions, and attacks such as CodeRed and Nimda.
A highly dangerous worm called Nimda (Admin in reverse) was released exactly 1 week after the September 11, 2001, terrorist attack in the United States.
In fact, TruSecure customers have seen a 20-50% reduction in risk for each of the last ten major malicious code exploits including Melissa, LoveLetter, Anna Kournikova, Code Red, BadTrans and Nimda.
The bottom line is that Nimda uses many tricks we've all seen before, but rolls them up into one package.
The Nimda worm is the latest example of how the Old World strategy of "one threat, one cure" has become outdated.