17 Jan 2009
Security researchers are reporting that a worm has infected 3.5 million Windows computers in the past four days.
The worm, known as 'Conficker', 'Downadup' or 'Kido', exploits a vulnerability that Microsoft patched in October 2008. The malware sets up an HTTP server and resets a machine's System Restore point to stop administrators deleting it.
"The number of Downadup infections are skyrocketing based on our calculations," said security firm F-Secure in a blog posting.
"From an estimated 2.4 million infected machines to over 8.9 million during the last four days. That's just amazing."
The worm contains the usual Trojan package that allows the controller to download new files from their own server. But, in an unusual twist, the malware generates hundreds of seemingly random domain names to scan for updates, making it much harder to track the one used by the malware writer.
"Our advice is to block all incoming and outgoing traffic on port 445 from those computers to ensure that (a) they aren't hit with exploits from the internet and (b) if they somehow are exploited, they aren't able to infect the rest of the network via file shares," said Graham Cluley, senior technology consultant at Sophos.
"Furthermore, if you have a group policy in place to lock out accounts after too many unsuccessful log-in attempts, the worm will probably cause many of these accounts to become locked out during the worm's password cracking attempts.
"This can obviously be annoying but, at the same time, it is a good indicator that you may have an infected computer on the network."
Servers in the US and Europe have had the fewest infections owing to regular updating by IT administrators. China, Brazil and Russia have been hit hardest, according to F-Secure.
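Cluley's point that a burst of account lockouts can reveal an infected machine can be turned into a simple check. The sketch below is an added example, not from the article or from Sophos. It assumes lockout events have already been exported as (timestamp, account, source host) tuples, and the 10-minute window and five-account threshold are illustrative assumptions to tune per network.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of account-lockout events: (time, locked account, source host).
# Host and account names are invented for this example.
SAMPLE_EVENTS = [
    ("2009-01-17 09:00:05", "alice", "WS-014"),    # one user, forgotten password
    ("2009-01-17 14:30:00", "alice", "WS-014"),
    ("2009-01-17 10:02:11", "bob", "WS-027"),      # six accounts in about 3 minutes
    ("2009-01-17 10:02:40", "carol", "WS-027"),
    ("2009-01-17 10:03:05", "dave", "WS-027"),
    ("2009-01-17 10:03:30", "erin", "WS-027"),
    ("2009-01-17 10:04:02", "frank", "WS-027"),
    ("2009-01-17 10:05:15", "grace", "WS-027"),
    ("2009-01-17 08:15:00", "heidi", "WS-033"),    # shared machine, spread over a day
    ("2009-01-17 09:40:00", "ivan", "WS-033"),
    ("2009-01-17 11:05:00", "judy", "WS-033"),
    ("2009-01-17 13:20:00", "mallory", "WS-033"),
    ("2009-01-17 15:45:00", "niaj", "WS-033"),
]

def suspect_hosts(events, window=timedelta(minutes=10), min_accounts=5):
    """Map each flagged host to the peak number of distinct accounts it
    locked out inside any single sliding window."""
    by_host = defaultdict(list)
    for ts, account, host in events:
        by_host[host].append((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), account))
    flagged = {}
    for host, rows in by_host.items():
        rows.sort()
        recent = deque()             # events currently inside the window
        counts = defaultdict(int)    # account -> events inside the window
        peak = 0
        for when, account in rows:
            recent.append((when, account))
            counts[account] += 1
            while when - recent[0][0] > window:   # expire events that aged out
                _, old = recent.popleft()
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
            peak = max(peak, len(counts))
        if peak >= min_accounts:
            flagged[host] = peak
    return flagged

if __name__ == "__main__":
    for host, n in suspect_hosts(SAMPLE_EVENTS).items():
        print(f"{host}: {n} distinct accounts locked out within 10 minutes")
```

Counting distinct accounts per source host, rather than total lockouts, keeps a single user who repeatedly mistypes a password from being flagged.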
Time to get a Mac!!!!!!!!!!!!!!!
PC users everywhere: Windows is the "Emperor's New Clothes"; the naked truth is you will probably get infected if you do not update your PC every 10 seconds! Come away from the dark side, come to the light! Of course I am just a smug Mac business user who has not had to EVER run any anti virus software EVER and have NEVER been infected with a single piece of malware since 1994. This is a FACT about Macs. I know that a fact about Macs is very unusual to see in an article in this publication, but it had to happen someday! Oh! and they are easy to use and sometimes you even smile when using them.
Posted by: Hans Beier 22 Apr 2009
Severe punishment
There should be a very severe punishment for these lowlife idiots.
Posted by: affaiec 18 Jan 2009
How about the full story?
What people need to know is, "How can I tell whether I have this virus on my PC, and if I do, what to do about it." That's the most important issue for readers.
Posted by: Steve McNamara 18 Jan 2009
Amazing and Annoying
Thanks for the heads up vnunet.com
So Downadup will spike password resets and drive Windows reinstalls on some systems. I am surprised Microsoft has not made a public statement regarding this incident. Users that are not tech savvy will not notice the annoying virus. We can't just turn off Windows.
Posted by: manager2 17 Jan 2009