Attachment now 'sample.exe;' bad outbreak still not expected
A new version the the nasty "Nimda" computer virus has been unleashed, infecting some computers in Europe on Tuesday. Nimda infected millions of computers worldwide during September utilizing a complex, multi-pronged attack. The worm has been spotted in computers across Europe, China and the United States. According to anti-virus firm F-Secure Corp., the new worm was written by the original Nimda author, apparently because he or she was irritated by the name "Nimda."
THE NEW NIMDA, called "Nimda.E," can arrive via e-mail as an attachment named "sample.exe. As always, computer users are advised not to open any e-mail attachments they weren't expecting.
But like the original Nimda, Nimda.E can spread in numerous ways, taking advantage of a number of vulnerabilities in Microsoft's Web server product. Infected computers immediately begin lashing out at other computers on the Internet, attempting to spread the worm.
Computers that were patched to protect against Nimda will be safe from the new variant, and most antivirus products now stop the "sample.exe" attachment.
Buried in the code of the new version is the text: "This is CV no Nimda," according to a spokesperson for F-Secure. That indicates the writer wanted the antivirus community to call his malicious program "CV," or concept virus. The name was already taken, so Nimda was chosen instead, apparently to the chagrin of the author.
News source: msnbc.com