Code Red (computer worm)

Code Red
Code Red
Technical name	CRv and CRvII
	A website defaced by the worm
Type	Server Jamming Worm

Preview warning: Page using Template:Infobox computer virus with unknown parameter "fullname"

Code Red was a computer worm observed on the Internet on July 15, 2001. It attacked computers running Microsoft's IIS web server. It was the first large-scale, mixed-threat attack to successfully target enterprise networks.^[1]

The Code Red worm was first discovered and researched by eEye Digital Security employees Marc Maiffret and Ryan Permeh when it exploited a vulnerability discovered by Riley Hassell. They named it "Code Red" because they were drinking the Mountain Dew with the same flavor name at the time of discovery.^[2]

Although the worm had been released on July 13, the largest group of infected computers was seen on July 19, 2001. On that day, the number of infected hosts reached 359,000.^[3]

The worm spread worldwide, becoming particularly prevalent in North America, Europe and Asia (including China and India).^[4]

^ Trend Micro. "Enterprise Prevention and Management of Mixed-Threat Attacks" (PDF).
^ ANALYSIS: .ida "Code Red" Worm (archived copy from July 22, 2011), Euaa advisory, eEye Digital Security, July 17, 2001
^ Moore, David; Shannon, Colleen (c. 2001). "The Spread of the Code-Red Worm (CRv2)". CAIDA Analysis. Retrieved October 3, 2006.
^ "Discoveries – Video – The Spread of the Code Red Worm". National Science Foundation.

[TrendMicro-1] Trend Micro. "Enterprise Prevention and Management of Mixed-Threat Attacks" (PDF).

[2] ANALYSIS: .ida "Code Red" Worm (archived copy from July 22, 2011), Euaa advisory, eEye Digital Security, July 17, 2001

[caida-3] Moore, David; Shannon, Colleen (c. 2001). "The Spread of the Code-Red Worm (CRv2)". CAIDA Analysis. Retrieved October 3, 2006.

[4] "Discoveries – Video – The Spread of the Code Red Worm". National Science Foundation.

[1]

[2]

[3]

[4]