ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Online business Toolkit

Code Red worm traced to Chinese university

Wendy McAuliffe ZDNet.co.uk

Published: 04 Sep 2001 11:42 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The author of the malicious Code Red worm has been traced to a university in China, according to US officials.

The chief technologist at the US General Accounting Office (GAO) told the bipartisan House committee on government reform last week that he believes the worm to have originated from a university in Guangdong, China. But no details were released to back up the claim, and Keith Rodes, who delivered the speech, insisted that no one country or person was being treated as a prime suspect yet.

The Code Red worm and its predecessor Code Red II take advantage of a vulnerability in Microsoft's Internet Information Server (IIS) Web server software, and propagate across networks without any user intervention. The Code Red II worm is more malicious, as it installs "back doors" on infected Web servers, allowing any remote hacker to execute arbitrary commands and take complete control of a system.

Speculation has previously appeared in the press that the name "Code Red" referred to China, and was fuelled by the "Hacked by the Chinese" message that appeared on some attacked computers. But in fact the name came from the latest flavour of the favourite drink -- Mountain Dew -- of the researchers who discovered the virus, working at Internet security firm eEye Digital.

The US has been investigating the Code Red since the 19 July, when it infected more than 250,000 systems in just nine hours, according to the National Infrastructure Protection Centre (NIPC). An estimated 975,000 servers have been infected in total, according to Computer Economics -- including the White House Web site. The economic costs resulting from the worm are already thought to be over 」2.4bn.

See the Viruses and Hacking News Section for the latest headlines.

Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Security forum.

Let the editors know what you think in the Mailroom. And read other letters.

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Kyocera

Did you find this article useful?
29 out of 53 people found this useful


Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Online business



Company/Topic Alerts

Create a new alert from the list below:










Sentry Posts Blog

GoDaddy suspends travel-getaways.com d...

I'm very pleased to say that GoDaddy has suspended the travel-getaways.com domain. I blogged in June that to my surprise I had found I was the site administrator for travel-getaways.com,... More

1 comment

Hello, I知 a PC. I知 a Handheld.

Hello, I知 a PC. I知 a Handheld. Author: Eric Everson, Founder MyMobiSafe.com I have said it before and I am sure I値l say it again, mobile devices are simply replacing computers.... More

Post a comment

Please educate your clients!

This extremely short post appeared following a meeting with a decision maker of a potential client. During the conversation I realized that this highly respected and well paid top manager... More

2 comments

Featured Talkback

I wonder, who needs .asia domain? I cannot imagine, what would be useful for Microsoft.asia? Toyota.asia? Then let's register .europe (if .eu is too short). Or perhaps Microsoft.southamerica, Dell.australiaandnewzealand, Coca-Cola.africa... Sound funny? Then why not just use the global and country domains? Or perhaps it is time to drop the domains at all?

By: LadyRoot

Read full story:
Businesses advised to register .asia domains