Tech Industry

Net security coalition issues Nimda warning

FBI investigators, computer emergency response teams and software companies warn computer users to tread carefully on the Net.

An Internet security coalition made up FBI investigators, computer emergency response teams, software companies and government groups issued a statement Wednesday warning all Internet users to beware of the Nimda worm.

"The worm clogs parts of the Internet, slows or stops Internet traffic for some users, and may damage files on infected computers," the coalition stated.

On Tuesday, antivirus experts had multiple discussions with government groups over the best action to take in the face of the fast-spreading Nimda worm, according to sources.

Also known as readme.exe or by its full W32.Nimda moniker, the worm spreads using a multipronged attack and infects both PCs and servers running Microsoft's Windows 95, 98, Me and 2000 operating systems.

To spread, the program sends an e-mail message with a worm-infected attachment, scans for and then compromises vulnerable servers, jumps to shared hard drives on a network, and sends itself to any Web user whose browser requests a Web page from an infected server.

Wednesday's warning referred concerned computer users to an advisory posted by the Computer Emergency Response Team (CERT) Coordination Center at Carnegie Mellon University.

"We are looking on the order of tens of thousands of compromised machines," said Chad Dougherty, Internet security analyst with CERT. "We got a number of reports from sites that had localized bandwidth denial of service."

As many as 150,000 computers may have been infected Tuesday, said David Moore, senior researcher at the Cooperative Association for Internet Data Analysis at the University of California at San Diego's Supercomputer Center.

Europe woke up on Wednesday to Nimda as well. As many as 15,000 companies on the continent may have been infected by the worm, according to one antivirus company.

Reuters contributed to this report.