The Nimda Virus

The article I presented was “Memories of the Nimda Virus.”

I made this simple Prezi to outline the main points, which I will explain here.

History

The Nimda Virus attack happened on September 18, 2001. After only 23 minutes, this virus was the most propagated one at the time. The purpose of this presentation is to explain the rapid propagation.

This was one week after the terrorist attacks of 9/11. The outbreak of this virus caused a lot of alarm in America, where some thought that this was a follow-up cyber attack. However, after further investigation, no relationship was found between the worm and terrorist organizations.

Earlier in 2001, another backdoor worm named “Code Red” was propagated, which allowed the Nimda virus to propagate easily as well.

Propagation

  1. Email spreading
    • When a computer was infected by the Nimda virus, the virus would send an email to all of the user’s contacts. The email would be blank with an attachment “readme.exe”. If the attachment was opened, the computer would be infected.
    • With some Windows operating systems and mail applications, this email would automatically get downloaded if the email was opened or even PREVIEWED.
    • The newly infected user’s email would then be searched, and the virus would be sent to all of those contacts.
  2. Web Browsing
    • The Nimda virus would attach itself to ALL writable documents on a computer. This includes web files such as .htm, .html, and .asp files.
    • When an infected computer browsed web pages, the Nimda virus would attempt to transfer itself onto the web server.
    • If the server was not well protected, it would get the Nimda virus, and give it to any other users browsing the webpage.
  3. Shared Networks
    • Because the Nimda virus writes itself to all writable documents, any file that is transferred over a shared network propagates the virus.
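
The email vector in item 1 is the one a mail gateway can stop before any client opens or previews the message. The following is an added example, not code from the article: a filter that quarantines mail carrying an executable attachment and separately flags the blank-body “readme.exe” pattern described above. The extension list, function names and sample messages are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions treated as directly runnable on Windows (assumed list; extend as needed).
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js"}

def inspect_message(raw: bytes) -> dict:
    """Parse one raw message and report executable attachments and a blank body."""
    msg = message_from_bytes(raw, policy=policy.default)
    risky, body = [], ""
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            # Judge by file name: the declared Content-Type is sender-controlled.
            if PurePosixPath(name.replace("\\", "/")).suffix.lower() in EXECUTABLE_EXTS:
                risky.append(name)
        elif part.get_content_maintype() == "text":
            body += part.get_content()
    blank = not body.strip()
    return {
        "executable_attachments": risky,
        "blank_body": blank,
        "quarantine": bool(risky),  # hold before any client can open or preview it
        "matches_page_pattern": blank and any(n.lower() == "readme.exe" for n in risky),
    }

def build_sample(body, filename="", maintype="application", subtype="octet-stream"):
    """Build a constructed test message; the attachment bytes are inert filler."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.test", "b@example.test", "sample"
    m.set_content(body)
    if filename:
        m.add_attachment(b"inert filler", maintype=maintype, subtype=subtype, filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    # Constructed samples: blank mail with a mislabelled readme.exe, and a normal mail.
    for raw in (build_sample("\n", "readme.exe", "image", "gif"),
                build_sample("Minutes attached.\n", "minutes.pdf", "application", "pdf")):
        print(inspect_message(raw))
```

Quarantining on the file name alone means a mislabelled attachment is still held, while the `matches_page_pattern` flag lets an operator count how many held messages look like this specific outbreak.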

Payload

The Nimda virus was a backdoor virus which left computers open to further attacks. It did this in two ways: the first was to make the C drive shareable so that any person could access it. The second was by creating a new user with administrative privileges.

Conclusion

The Nimda virus propagated so quickly because of a lack of security in the Windows operating system. Although the Nimda virus has been protected against nowadays, the author of this article notes how there are still loopholes in the Windows system which make users prone to similar attacks. Therefore it is highly recommended that one installs anti-virus software on their systems.


One comment on “The Nimda Virus”

  1. michimituj says:

    From past experiences, I have found that getting anti-virus software does not help the situation much. Most people get a big-name anti-virus software like Norton or AVG, when in reality, the people creating these viruses know how to bypass the bigger-name companies. It is probably better to just be careful with what you look at and download.
