September Marked the 10th Anniversary of Nimda
Security experts at Sophos have once again looked back on the infamous Nimda worm, this time on its tenth anniversary, and are considering every possible step to combat similar attempts in the future.
Nimda, a hybrid computer worm, was able to circulate rapidly, spreading infection through e-mail attachments and across malicious websites running vulnerable versions of Microsoft's Internet Information Services (IIS), initially patched after Microsoft's debacle in September 2001.
Nimda's outbreak spread worldwide like wildfire and caused untold damage. The worm was also capable of breaking weak passwords and entering local networks. Nimda could also spread using backdoors that were left unattended during the Code Red II worm outbreak.
Nimda generated large volumes of extra network traffic because it could infect at a very high rate. In addition, the malware was capable of infecting executables on machines that were already infected, which made the cleanup process considerably harder.
In the process, Nimda took its toll on high-tech firms such as Microsoft, Dell and NTL Communications.
While explaining Nimda's superior malware technology, Paul Ducklin, Sophos's Head of Technology, was intrigued by its capacity for speed, as reported by nakedsecurity.sophos on September 16, 2011.
At present, basic parasitic malware carries the original host file along with the intention of deceiving users into running it. More sophisticated computer viruses insert their content as a new code section or, as in the case of the Chernobyl virus, into the unused parts of the executable.
Nimda, however, chose the basic approach of carrying the original host, but did so in a complicated manner: it embedded the infected host inside itself as a Windows resource. Later on, Nimda would also happily reinfect files that it had already hit.
Nonetheless, security experts held the view that, in the rush to secure the future, the present should not be ignored, which is evident from their reminiscing about past malware experiences with Nimda.
Needless to say, Ducklin once again reminded readers that any known hole, however slight, should be patched immediately so that major malware breaches can be contained at the initial stage.
» SPAMfighter News - 29-09-2011