Excerpt from “New Worms On Cyber-Prowl” (AP) from CBS News:
The worm known as both Nachi and Welchia wreaked havoc Tuesday with Air Canada’s airline reservation systems, creating long lines at the Vancouver airport as weary travelers were forced to check in manually.
Nachi/Welchia also popped up in various nooks and crannies in the United States, including Kentucky, where it interfered with state government computers which handle motor vehicle registration, Medicaid, food stamps, and child support.
Nachi/Welchia targets the same Windows computer users as does LovSan/MBlaster. But this worm has a peculiar Internet avenger-type behavior: it seeks to take control of your computer, delete LovSan/Mblaster if it is present, install the Microsoft patch to protect against LovSan/MBlaster, and then reboot your computer (which is part of the patch installation process).
“This new worm doesn’t destroy the PC or do anything real harmful, but it starts sending out scans across the network,” says Rodney Murphy, of the Kentucky Governor’s Office for Technology, adding that the scans clog phone lines and can cause serious delays. “It can degrade the speed of a workstation to the point of being no different than shutting a PC down.”