New worm out on the net?

[vash]

Ok, this isn't related to the MS Blaster worm, but I'm looking at my Apache logs and I'm seeing a significant amount of GET requests on my box. Here is an example (pardon the formatting):

81.152.0.19 - - [19/Aug/2003:07:32:25 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
156.43.12.240 - - [19/Aug/2003:07:37:12 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
61.132.41.186 - - [19/Aug/2003:07:44:54 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
220.184.38.167 - - [19/Aug/2003:07:49:06 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.15.22.178 - - [19/Aug/2003:07:50:13 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
67.34.120.5 - - [19/Aug/2003:07:50:32 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
66.105.78.37 - - [19/Aug/2003:07:52:29 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
81.89.13.36 - - [19/Aug/2003:07:54:22 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
168.154.175.22 - - [19/Aug/2003:07:54:46 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
168.28.18.197 - - [19/Aug/2003:08:03:00 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
66.166.72.90 - - [19/Aug/2003:08:07:51 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.40.125.30 - - [19/Aug/2003:08:17:27 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
61.232.34.131 - - [19/Aug/2003:08:19:28 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.1.188.150 - - [19/Aug/2003:08:19:43 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
220.23.136.93 - - [19/Aug/2003:08:22:45 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
219.36.96.101 - - [19/Aug/2003:08:27:49 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.70.200.233 - - [19/Aug/2003:08:28:47 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
207.175.186.204 - - [19/Aug/2003:08:50:36 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
61.177.227.177 - - [19/Aug/2003:08:56:53 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
210.111.10.6 - - [19/Aug/2003:08:57:35 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
218.0.209.25 - - [19/Aug/2003:08:58:35 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
202.108.170.85 - - [19/Aug/2003:08:59:56 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
202.101.212.254 - - [19/Aug/2003:09:03:27 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
80.186.34.232 - - [19/Aug/2003:09:04:23 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
67.68.62.58 - - [19/Aug/2003:09:09:48 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"
209.195.138.43 - - [19/Aug/2003:09:15:39 -0700] "GET / HTTP/1.1" 200 3510 "-" "Mozilla/4.0 (compatible; MSIE 5.5; Windows 98)"

There are MANY instances of this in my log file. I'm not sure if I can keep the IP addresses in there, but that is only a small block of who is hitting my website. I don't get a lot of traffic, but when I see this, I'm thinking there are numerous people infected with something and they are scouring the net.

Anyone else seeing something like this?

vash

 

[vash]

cnet link to worm

This is probably what I'm seeing in my logs, anyone else getting hit?

vash