GameSpy Arcade Linked on Infected With Nimda
Posted on 27.06.2002
Stuart Udall ( noted the following on the Incidents mailing list: I bring to your most urgent attention that the copy of Gamespy Arcade 1.09 available on at the address
62178 10107395&ontId=20&destUrl=http%3A%2F%2Flaunch.gamespyarcade.c

(HNS Note: URL above is wrapped for better viewing purposes)

is infected with the W32/Nimda.gen@MM virus, as detected by
NAI/McAfee Viruscan.

The full URL of the infected file is:

According to, as of my writing, this file has been downloaded 112806 times from since April 29, 2002.

The virus infected my computer after I downloaded and executed the program via at around 21:45PM, and I'm justing finishing the cleanup now - it's 3:15AM and counting, thank you very much.

I do understand that the file is actually served from, but it was only by carefully inspecting the URLs served by that this becomes evident. A less savvy user wouldn't make the distinction.

I suggest that every night, a robot downloads each file serves, and scans it.

Meanwhile, I suggest the guilty party at gamespy be shot.

Karen Cobb, Customer Service Manager at GameSpy Industries replied on the same mailing list: "Thanks for alerting us to the possible presence of a virus in the GameSpy Arcade Installer. We verified that the GameSpy Arcade Installer did indeed contain the W32.Nimda.E@mm virus shortly after receiving your e-mail. The infected file was immediately replaced with a virus-free version of the installer."

Information on Nimda family of worms can be found over here:

Nimda Removal tools:
+ BitDefender AntiNimda
+ Symantec Nimda.A Removal Tool
+ Symantec Nimda.E Removal Tool


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th