The Code Red was a informatic worm which apeared on 13 July 2001. This type of malware infected all the devices which used the Microsoft´s Operative System, entering in 360,000 computers in one day and between 1 and 2 million in total. This resulted in an estimated cuantity of $2.75 billion in clean-up costs.
What the worm did was using a vulnerability known as 'buffer overflow' in a file called IDQ.DLL. First, It inserted a large number of the character 'n',Then, it collapsed, so the worm was able to enter the computer and infect it from its inside.
This is an explame of an infected file^
When the virus was inside it searched for the file
C:/NOTWORM, which he created before infecting computers,and looked for computers in
English. When he found one with this two requirements he stay in the computer
waiting for the infection to extend. The worm created 100 threads what make the
server collapses so it have to restart. At a specific moment it made an attack
of negation of the service to the direction www.whitehouse.gov,
sending lots of trash, making the communication channels to collapse. Another
thing the virus could do is use the threads for causing instability and the fall of
the server.
The solution to eliminate temporally the worm from a computer was restarting it, but in order to not being infected again some patches had to be
installed from the Microsoft website. The person who fixed it was called Kenneth D. Eichman and was invited to the White House after this.
Here you can see the message that appeared on the computer after being infected
Interesting
Facts:
-It is thought that the man who discovered the virus give
it this name because is his favourite drink.(Mountain Dew, Code Red)
-This
worm is actually the first worm with his own novel (to know more about it click here)
-Is believed that the worm originated in Makati City, Philippines (the same origin as the Love letter worm)
No hay comentarios:
Publicar un comentario