Following a month of DDoS attacks and security bulletins, computer users were on high alert Aug. 1, 2001, as they waited to see whether the Code Red Worm would reappear to wreak more havoc.

Targeting computers that ran Windows NT or Windows 2000 and used Microsoft IIS web server software, versions 4.0 or 5.0, the backdoor worm kept a strict schedule. On days 1–19 of the month, Code Red scanned the Internet, looking for other vulnerable computers to infect. From day 20 to 27, the malware conducted a denial of service, or DDoS, attack on a specific website (during July 2001, the DDoS target was none other than whitehouse.gov). Then, from day 27 until the end of the month, Code Red took a break, lulling computer users into a sense of security.

“Hacked by Chinese”

Infected web servers displayed web pages with the message “HELLO! Welcome to http://www.worm.com! Hacked by Chinese.”

No one was sure what to expect Aug. 1, but the threat did not materialize. Perhaps picking such a high-profile target hastened Code Red’s demise; the White House thwarted the DDoS attack by redirecting the onslaught of incoming traffic to a different server. Microsoft was not so lucky: One of its web pages, www.windowsupdate.microsoft.com domain, was hacked by Code Red. Microsoft did succeed in releasing the widely adopted security patch that prevented Code Red from inconveniencing more computer users.

Subscribe to SmaterMSP

Photo: Brent Hofacker / Shutterstock.

Kate Johanns

Posted by Kate Johanns

Kate Johanns is a communications professional and freelance writer with more than 13 years of experience in publishing and marketing.

Leave a reply

Your email address will not be published. Required fields are marked *