What Is the Blaster Worm?
Worm
- A worm is a type of malicious computer program ("malware") that can replicate itself over a network without the user having to do anything. Worms usually exploit a weakness in the operating system that allows unauthorized code to execute without the user's knowledge. Unlike a virus, which hides inside the executable file of another program, a worm has its own file.
Creation
- The Blaster worm was created in China by hackers who reverse engineered a patch that Microsoft had released to fix a flaw in the Windows operating system. The first version was able to infect any Windows 2000 or 32-bit Windows XP system. It could not infect Windows NT, 64-bit Windows XP or Windows Server 2003, but it could cause instability on those systems when it attempted to infect them.
Infection
- The worm was first detected on August 11, 2003 and reached its peak on August 13, 2003. It spread quickly because computer administrators had not applied the patch that fixed the flaw. Using experience gained from the I Love You worm three years earlier, Internet service providers and administrators of large networks were able to quickly apply patches and filtering to prevent further spread.
Damage
- On Windows 2000 and 32-bit Windows XP systems, the Blaster worm did little damage to the infected computer beyond spreading to other computers. It was, however, programmed to launch a denial-of-service (DoS) attack, in which a server is flooded with thousands of connection attempts to take it down, against the Microsoft Windows Update service. That attack took place, but the damage was minimal because the address used was not the one for the main Windows Update server.
Removal
- The Blaster worm wasn't as stealthy as some current-generation worms. A simple search for "msblaster.exe" was able to find the executable. The worm also made no attempt to interfere with anti-virus updates, and all anti-virus solutions were quickly updated and able to remove it.