GameSpy Arcade Linked on Infected With Nimda
Posted on 27.06.2002
Stuart Udall ( noted the following on the Incidents mailing list: I bring to your most urgent attention that the copy of Gamespy Arcade 1.09 available on at the address
62178 10107395&ontId=20&destUrl=http%3A%2F%2Flaunch.gamespyarcade.c

(HNS Note: URL above is wrapped for better viewing purposes)

is infected with the W32/Nimda.gen@MM virus, as detected by
NAI/McAfee Viruscan.

The full URL of the infected file is:

According to, as of my writing, this file has been downloaded 112806 times from since April 29, 2002.

The virus infected my computer after I downloaded and executed the program via at around 21:45PM, and I'm justing finishing the cleanup now - it's 3:15AM and counting, thank you very much.

I do understand that the file is actually served from, but it was only by carefully inspecting the URLs served by that this becomes evident. A less savvy user wouldn't make the distinction.

I suggest that every night, a robot downloads each file serves, and scans it.

Meanwhile, I suggest the guilty party at gamespy be shot.

Karen Cobb, Customer Service Manager at GameSpy Industries replied on the same mailing list: "Thanks for alerting us to the possible presence of a virus in the GameSpy Arcade Installer. We verified that the GameSpy Arcade Installer did indeed contain the W32.Nimda.E@mm virus shortly after receiving your e-mail. The infected file was immediately replaced with a virus-free version of the installer."

Information on Nimda family of worms can be found over here:

Nimda Removal tools:
+ BitDefender AntiNimda
+ Symantec Nimda.A Removal Tool
+ Symantec Nimda.E Removal Tool


MagSpoof: A device that spoofs credit cards, disables chip-and-PIN protection

The device can wirelessly spoof credit cards/magstripes, disable chip-and-PIN protection, and predict the credit card number and expiration date of Amex cards after they have reported stolen or lost.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Nov 26th