I've just heard on the news about a virus that is due to hit PC's in the early hours of Wednesday morning (BST).

Apparantly it originated from the FBI. It is supposed to destroy web-sites.

That's all they said about it, but thought i'd post this in case anyone else knows more, or wants to look into it more.

BB

The Code Red virus has been used to hack into and destroy government web sites. The FBI didn't send it, they were victimized by it.

Ladies and gentlemen, when you hear or see this stuff visit
http://www.mcaffee.com for the lowdown. Often they are hoaxes or the information has been miscommunicated.

This one is NOT from the FBI, and doesn't even AFFECT your personal PC. It affects unpatched IIS servers, and the worst it can do to your PC is show a page that says the site was hacked when you load it up in a browser. It NEVER exists on your PC and will not do ANYTHING to it. If you run an IIS server simply download the patch to prevent the problem, which has already been available on MS' site. See http://vil.mcafee.com/dispVirus.asp?virus_k=99142 specifically for details.

Yeesh.

Oh well, that's the BBC for you.
Sorry if i caused a panic!

BB

THIS VIRUS IS REAL! PLEASE READ:


http://www.cnn.com/2001/TECH/internet/07/30/code.red/index.html


Net braces for stronger 'Code Red' attack
July 30, 2001 Posted: 9:31 PM EDT (0131 GMT)
--------------------------------------------------------------------------------

By Richard Stenger
CNN.com Sci-Tech Writer

A computer worm that proliferates on Microsoft operating systems and causes widespread Internet slowdowns could unleash a second and more virulent epidemic on Tuesday, government and corporate anti-virus experts warned.

The "Code Red" bug infiltrated hundreds of thousands of computers within hours of its first identified outbreak on July 19. The attack forced the White House to take evasive action and the Pentagon to halt briefly public access to its Web sites.

The worm is designed to spread the first 20 days of each month. On the 20th, it begins targeting the White House Web site in an attempt to knock it off the Internet. Computers harboring the virus are expected to start another round of mass infections of other machines Tuesday at 8 p.m. EDT.

RESOURCES
Message Board: 'Code Red' virus



Need Protection? Use the Patch
Those with a computer that requires inoculation should reboot the machine and install the appropriate Microsoft software patch.

For Windows NT 4.0:
Download here

For Windows 2000 Professional, Server and Advanced Server:
Download here

Detailed instructions to use the patches are posted at:
Download here





"The mass traffic associated with the worm propagation could degrade the overall functioning of the Internet and impact ordinary users," Ron Dick, the director of the National Infrastructure Protection Center, told reporters Monday.

Digital secrets at risk?
The first wave of the worm did not destroy computer files. But computer security experts fear the new version could prove more dangerous.

"An attacker could exploit the vulnerability to gain control over a Web server, or alter or steal critical corporate and private data," Dick said.

A worm can propagate itself without user assistance, unlike a more conventional computer virus.

The epidemic could affect business and personal use of the Internet, disrupting electronic commerce and e-mail, warned the Computer Emergency Response Team (CERT), a federally funded Internet security research center at Carnegie Mellon University.

Hacker message a mystery
In the latter part of July, when the worm reared its ugly head, it defaced Web sites with the phrase "Hacked by Chinese." But it had spread so quickly that computer virus experts remain puzzled about its origin.

"It's really unclear. There's a good chance we will never know where it came from," said Marc Maiffret, an officer of eEye Digital Security, which in June discovered the security flaw that the worm would later exploit.

Despite warnings from Microsoft, eEye and computer security authorities, who made an inoculation patch available on the Internet, many computers were susceptible during the first Code Red attack.

The rogue application takes advantage of a defect in Microsoft's Internet Information Services software. It affects only computers with the IIS Web server software and Window's NT or 2000 operating systems. Windows 95, Windows 98 and Windows Me are immune. Therefore, most home PCs cannot be infected.

The worm scans the Internet, locates vulnerable systems and infects these systems by installing itself. Each newly installed worm joins the others, causing the rate of scanning to rise exponentially.

Pentagon mounts a defense
The uncontrolled growth in scanning slows the speed of the Internet and can cause sporadic but widespread outages, according to CERT.

Last week, the Pentagon cut off public access to its Internet sites to remove the bug and protect against future outbreaks. The White House avoided a direct onslaught by changing its numerical Internet address.

A similar attack is expected later in August. And while the White House site has moved out of harm's way, the offensive could again disrupt Internet traffic, authorities warn.

The worm can also affect smaller networks using certain Cisco Systems-made Internet routers for data traffic flow, and a handful of Hewlett-Packard network printers, Maiffret said.

Thank Goddess...My comp is immune!

We have 2000 server:(

What can you do to protect yourself?

Originally posted by WillowRaven
If you run an IIS server simply download the patch to prevent the problem, which has already been available on MS' site.

JUST FOUND OUT THAT IT WILL ONLY AFFECT WINDOWS 2000 AND NT ONLY

Originally posted by Mairwen
The rogue application takes advantage of a defect in Microsoft's Internet Information Services software. It affects only computers with the IIS Web server software and Window's NT or 2000 operating systems. Windows 95, Windows 98 and Windows Me are immune. Therefore, most home PCs cannot be infected.


Do you guys ever actually read eachother's posts? :p

Originally posted by WillowRaven


Do you guys ever actually read eachother's posts? :p

OH right LOL :D

Found out that the "fix" for this virus is actually just rebooting your system. :rolleyes: A friend of mine thinks that it's a ploy by MicroSoft for people to go to the website for the "patches" just to see how many bootlegged copies of Win2K there are out there.

Originally posted by Mairwen
Found out that the "fix" for this virus is actually just rebooting your system. :rolleyes: A friend of mine thinks that it's a ploy by MicroSoft for people to go to the website for the "patches" just to see how many bootlegged copies of Win2K there are out there.

Could be

Latest news - the virus is hitting us later than expected, but has only affected 15 web-sites, with only one large business site affected.

I've got Windows 2000, but no web-site, so i think I'm safe.
Hope you're OK Yvonne.

BB

I feel that pc virii creators should be dragged into the streets and shot. This Code Red virus is really stupid. The apparent fix for it is giving your pc a hard reboot. (ie, shutting the pc down, turning it OFF, counting slowly to ten, then turning it back ON) I'm beginning to think what my friend said about Minisquishy was right. :-/

I think we are fine our web sites are all free and on others servers and we do hard shut downs a lot withour computer so we should be ok.

It seems as though most North American sites were ok today, although I heard that Switzerland got hit hard