Print

Mail

wiki links

Worm on Internet disrupts networks in North America

An Internet worm called "Blaster" that attacks Windows operating systems spread across the globe on Tuesday, infecting and crashing home and office computers faster than technicians could install safeguards.

A computer security expert said the worm, which specifically targets computers running Windows XP and Windows 2000, could spread for a few days before tapering off.

At least 124,000 computers using Microsoft Corp's Windows software have been infected worldwide, according to a sample by Symantec Corp's Security Response sensor network.

"Corporate networks are getting hit pretty hard," said Alfred Huger, a senior director of engineering at Symantec. "Hundreds of machines are spontaneously rebooting throughout the environment."

Johannes Ullrich of the SANS Institute said the rate at which the worm was spreading seemed to be slowing late Tuesday afternoon.

SANS (SysAdmin, Auditing, Networking and Security Institute) is a security training and information organization based in Bethesda, Maryland.

Russ Cooper of TruSecure Corp, a security services provider in Herndon, Virginia, said peak worm activity had occurred between 2am and 3am eastern time on Tuesday.

Computers infected by Blaster scan the Internet looking for other machines running Windows that have an open security hole.

The worm then sends itself to those computers.

Windows 2000 and XP computers in North America were getting scanned or infected after being connected to the Internet for an average of 25 minutes, Huger said.

Although some corporate networks were slowed by the worm, no impact on overall Internet traffic was detected.

The worm, also called MSBlaster or LoveSan, surfaced on Monday in the US and quickly spread, taking advantage of a security hole discovered last month in Windows 2000, Windows XP, Windows NT, and Windows Server 2003 operating systems.

Also See Story:
Blaster blows hole in nation's defenses

This story has been viewed 2917 times.