WASHINGTON - The fast-spreading "Code Red" internet worm, which disrupted United States Government websites last week, is likely to start multiplying again today and could slow the internet worldwide.
Code Red, which first surfaced in mid-July, is expected to re-emerge today, according to the FBI's National Infrastructure Protection Centre (NIPC) and other online security watchers.
"There is reason for concern that mass traffic associated with the worm's propagation could degrade the overall functioning of the Internet and impact ordinary users," said NIPC Director Ronald Dick.
Computers running the Windows NT or Windows 2000 systems and Microsoft's Internet Information Server (IIS) software version 4.0 or 5.0 are vulnerable to infection and the users should install a software patch. Instructions for the patch are at www.digitalisland.net/codered.
Computer users running Windows 95, Windows 98 or Windows Me are less vulnerable, and no action was recommended for them.
For infected computers, turning the machine off and then on gets rid of the worm but does not provide immunity from future infection.
Code Red was first noticed in mid-July and appeared to spread most virulently on July 19, but has been largely dormant since about July 23.
The worm works by installing itself on server computers that then are instructed to blitz Government websites and others with data, which can slow them down.
"What makes this one different from any other is how dramatically ... it has been able to propagate itself and the viciousness associated with that," Dick said.
The worm can also deface sites, although in two of the three known variants, no vandalism is apparent to computer users. In last week's hits, some US Government sites showed the message "Hacked by Chinese".
It scans the internet, looking for other computers to infect, and as more and more computers are infected the scanning gets more widespread.
The version of Code Red that could hit on Tuesday "has mutated so that it may be even more dangerous", online security watchers warned. "This spread has the potential to disrupt business and personal use of the Internet for applications such as electronic commerce, e-mail and entertainment."
Dick noted that on July 19 alone the worm had infected more than 250,000 computer systems in just nine hours and it was estimated it could affect 500,000 internet addresses in a day.
He said the source of the worm was being investigated.
Security services company spokesman Russ Cooper says Code Red is "huge" compared to the Melissa and ILoveYou viruses.
Code Red is "enough to cause the meltdown of the internet".
- REUTERS
Symantec security updates
Red alert as worm threatens net
AdvertisementAdvertise with NZME.
