Other

Nimda Multi-Vector Worm (Five Propagation Methods, Most Widespread in 22 Minutes)

2001-09-18 · Microsoft IIS; Microsoft Outlook; Microsoft Internet Explorer · Nimda (W32/Nimda, 'admin' reversed) · CVE-2001-0333 · CVE-2001-0507

Incident Details

Nimda (released exactly one week after the September 11 attacks) became the most widespread internet virus in history within 22 minutes of release, surpassing Code Red. Its five simultaneous propagation vectors made it uniquely virulent: it spread as an email attachment, through drive-by browser exploitation from infected IIS web servers, via open Windows network shares, through IIS directory traversal vulnerabilities, and through backdoors left by Code Red II. Nimda was the first malware to modify existing websites to serve infected files to visitors, turning legitimate web servers into attack infrastructure. Within one week, approximately 500,000 servers and PCs were infected across 86 countries. The worm significantly slowed global internet performance and disrupted enterprise networks. Estimated damages by late September 2001: $590 million. Nimda marked the evolution from single-vector worms to sophisticated multi-vector attacks and the beginning of worms that actively weaponized web infrastructure.

Technical Details

Initial Attack Vector
Five simultaneous propagation vectors: (1) email attachment exploit; (2) infected IIS web servers serving malicious JavaScript to visitors; (3) open network shares; (4) IIS 4.0/5.0 directory traversal (Unicode/double decode vulnerabilities); (5) backdoors installed by Code Red II
Vendor / Product
Microsoft IIS; Microsoft Outlook; Microsoft Internet Explorer
Malware Family
Nimda (W32/Nimda, 'admin' reversed)
CVE / GHSA References
CVE-2001-0333 · CVE-2001-0507
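
A defender-side check for the IIS directory traversal vector listed above (Unicode/double decode), added here as an example and not part of the original record: it flags request paths that are percent-encoded more than once, that carry overlong UTF-8 bytes, or that resolve to a `..` segment. The log lines, the `placeholder.exe` target and the `classify`/`scan` names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample requests ("METHOD URI STATUS"); not taken from a real log.
SAMPLE_LOG = [
    "GET /index.html 200",
    "GET /docs/release%20notes.txt 200",
    "GET /scripts/..%255c../placeholder.exe 404",
    "GET /scripts/..%c0%af../placeholder.exe 404",
    "GET /images/../logo.gif 200",
]

# A ".." path segment delimited by either slash style.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Lead bytes 0xC0/0xC1 only occur in overlong (invalid) UTF-8 sequences,
# e.g. a two-byte spelling of "/" that a naive filter will not recognise.
OVERLONG = re.compile(r"%c[01]%[89ab][0-9a-f]", re.IGNORECASE)


def classify(uri_path, max_rounds=4):
    """Return the reasons a request path looks like an encoded traversal."""
    reasons = []
    if OVERLONG.search(uri_path):
        reasons.append("overlong-utf8")
    # One decode is what a server is expected to perform.
    current = unquote(uri_path, encoding="latin-1")
    # Any further change means the path was encoded more than once.
    for _ in range(max_rounds):
        again = unquote(current, encoding="latin-1")
        if again == current:
            break
        if "multi-encoded" not in reasons:
            reasons.append("multi-encoded")
        current = again
    if TRAVERSAL.search(current):
        reasons.append("traversal")
    return reasons


def scan(lines):
    """Return (uri, reasons) for every log line that is flagged."""
    hits = []
    for line in lines:
        uri = line.split()[1]
        reasons = classify(uri.split("?", 1)[0])
        if reasons:
            hits.append((uri, reasons))
    return hits
```

Calling `scan(SAMPLE_LOG)` returns the three flagged requests; the same canonicalise-then-compare logic belongs in front of any path-based access check, so the check sees the path the server will finally use.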

Timeline

  1. 2001-09-18 Breach occurred
  2. 2001-09-18 Publicly disclosed