Apache worm barely squirms

A program designed to infect vulnerable computers running the open-source Apache Web server application apparently hasn't made it very far, security experts said Monday.

As first reported by CNET News.com, the Apache worm infects unpatched servers running the FreeBSD operating system, an open-source variant of Unix, and the Apache Web software. Despite initial reports that the worm had spread to some servers, consultants and antivirus experts haven't seen much activity.

"It's pretty much dead," said Marc Maiffret, chief hacking officer for network-protection company eEye Digital Security. "We haven't seen anything."

At least one computer appears to have been infected, however. The Apache worm compromised a server owned by Baltic information technology company Microlink Systems, Domas Matuzas, a Lithuanian programmer for the company, said Friday.

The worm failed to do much--if any--damage over the weekend, however.

"We received no in-the-wild submissions," said Carey Nachenberg, chief architect of the security response team for antivirus company Symantec. "It doesn't seem to be actively spreading."

The company, which refers to the worm as FreeBSD.Scalper.Worm, rated the program a low Internet threat.

"This specific implementation...it doesn't pose a large problem because of its focus," said Peter Szor, chief antivirus researcher for Symantec, pointing out that because the worm focuses on FreeBSD, a relatively minor player in the Unix world, few computers would be affected.

However, there are indications that the flaw exploited by the worm appears in other platforms, which could mean the advent of more damaging worms.

"It will become a bigger issue for sure," said Szor.