September 19, 2001, 10:00 AM — One in every 300 e-mails circulating now contains a virus, up from one in every 700 in October last year, according to e-mail security company MessageLabs Ltd. Viruses are growing in sophistication and are thus able to propagate themselves faster and more effectively, the company said in a statement regarding the Nimda virus.
Nimda is a hybrid virus containing a mass mailing component enabling it to spread very quickly. As it spreads, it attempts to infect Web servers with a version of the Code Red program which caused serious disruption last month. Current outbreak tracking statistics show this to be one of the fastest-spreading viruses to date, MessageLabs said.
The virus tries to spread in several ways apart from mass mailing, according to MessageLabs. It attempts 16 different exploits against known Web server holes. Once compromised, the Web server appears to serve up pages which exploit browser bugs to execute immediately without asking for permission, and thus compromise the PC running the Web browser, according to MessageLabs.
The virus was first intercepted in a message sent from Korea, and has been seen active in 15 countries, the most active being the U.K. and U.S., MessageLabs said. It has also infected a few systems in New Zealand, Australia and Japan, IT agencies and anti-virus companies have said.
The high scanning rate of the Nimda worm may also cause bandwidth denial-of-service conditions on networks with infected machines, the Singapore Computer Emergency Response Team (SingCERT) said in an advisory.
This outbreak shows that existing anti-virus systems cannot respond quickly enough to new outbreaks and that the problem must be addressed at the Internet level, MessageLabs said.
MessageLabs said that if the growth in the number and power of viruses and worms continues, as many as one in 10 e-mails circulating the globe would be infected by a virus by 2007.
MessageLabs, in London, can be contacted at +44-20-7612-1830 or http://www.messagelabs.com/.