The computer used to kick-start the 鈥淲itty worm鈥, which infected more than 12,000 computers worldwide on 20 March 2004, has been traced. In just 10 seconds, this 鈥減atient zero鈥 targeted 110 computers in a US military base in Europe and via them spread round the world in 75 minutes.
Computer scientists Nicholas Weaver and Vern Paxson from the International Computer Science Institute in California, and Abhishek Kumar from the Georgia Institute of Technology in Atlanta, all in the US, used a technique known as telescope analysis to study the worm鈥檚 spread. The approach involves probing portions of the internet which normally don鈥檛 see much network traffic, but light up when a worm is spreading.
鈥淎 worm鈥檚 release illuminates dark corners of the network just like supernovae鈥
Advertisement
鈥淎 worm鈥檚 release illuminates, for a few moments, dark corners of the network just as supernovae illuminate dark and distant corners of the universe,鈥 the researchers write in a paper outlining their work.
鈥淚t is interesting research,鈥 says Eric Chien, chief researcher at Symantec Security Response in Santa Monica, California. 鈥淚t could definitely be useful, especially if patient zero turned out to be the author鈥檚 machine.鈥