Authorities around the world have released further warnings about the mass-mailing Nimda worm, saying it could be more dangerous than Code Red.
Over the last few days, the National Infrastructure Protection Centre, CERT and the Home Office have all warned about the swiftly spreading worm.
Antivirus experts agree that the worm is spreading globally at a phenomenal rate, with reports indicating that it is hitting Asia hardest, as well as making a significant impact on the UK and US.
A report from the Hong Kong branch of CERT identified that Nimda is "the fastest spreading worm in Hong Kong", and although initial infections seem small, it is spreading at a faster rate than Code Red.
According to figures released by Trend Micro, Nimda could be paving the way for an epidemic worse than Code Red.
Joe Hartmann, director of virus research at Trend Micro, said "already Nimda has jumped to number one on our virus tracking map, with over 26,000 infected computers worldwide".
He added that although "we don't yet have a real idea of the extent of damage related to this worm, we do know that this virus is creating quite a lot of commotion worldwide."
UK security firm ProCheckup supported these figures. It revealed that on Tuesday, when the worm first appeared, in one hour the company received hits from over 100 infected servers.
The NIPC warning claimed that the worm is also "propagating extensively" through the internet in the US.
Users of BT's Openworld ADSL service had problems accessing the service yesterday [Wednesday] and reported that a call to the status line said the outage could have been due to the Nimda virus, although it is not yet confirmed that the virus is to blame.
Analysis of the worm has revealed that it scans for vulnerable IIS servers and exploits them using a multitude of vulnerabilities, including those hit by Code Red.
It uses Trivial File Transfer Protocol (tftp) to distribute files, as well as through Windows-based email clients as a "readme.exe" attachment, sending itself to addresses in MAPI mailboxes, forging the source email address.
Nimda also scans for Samba and Microsoft file shares and attempts to log in using a guest account. It places attack files in each directory discovered.
And once a system is infected, the C: drive will be set for file sharing and a Guest account will be added to the Administrators group.
The outbreak may tip the balance in damage costs to more than last year's high of $17.1bn. A recent report from analyst Computer Economics claimed that with virus-related damage well over the $11bn mark already, the only way to limit financial damage caused by viruses was to reach the end of the year without another epidemic. Too late, it would seem.
Because the worm attacks both client PCs and servers, it has effectively increased its chances of spreading. But patches for both machines are available from Microsoft's website - herefor IIS server, and here for desktop machines.
Most antivirus companies have released updates and tools for cleaning infected machines, available from the relevant websites.
And, yep, it'll run Android rather than RiscOS
US engineering giant's cost-cutting outsourcing plan is on the rocks, according to insiders
HP Envy X2 laptop only affordable if you've got loadsamoney
Counterfeit code-signing certificates enabling hackers to hide malware being sold by cyber criminals
Certificates can be used as part of layered obfuscation to evade detection by anti-virus software