A new, more virulent strain of Code Red has surfaced to strike systems worldwide. It appears to hold a particular dislike for Chinese computers.
Researchers discovered the recent variant of the malicious computer program on Saturday. The Internet worm that reportedly attacked about 650,000 servers worldwide was discovered in the middle of last month. It sparked a concerted call last week from United States officials for security technicians to patch vulnerable Web servers to prevent the Internet from stumbling to a halt.
The new version of Code Red, named after a soft drink favoured by technicians who discovered it, inserts malicious code that allows files to be stolen. It also seems to be twice as active on Chinese-language servers as other language systems, as opposed to others that have attacked only English servers.
All variants of the worm attack Microsoft Internet Information Services (IIS) Web servers, but this version treats Windows 2000 and NT systems differently.
The company that discovered Code Red, eEye, warned this version's code would run only on a Windows 2000 system with a vulnerable server. Any IIS server based on Windows NT would crash when it attempted to execute the code, the Web site of the System Administration, Networking and Security Institute said.
Anti-virus company Symantec said it had reports from around the globe about the threat on Monday, including one from Hong Kong, and expected more.