Nasty worm wriggles into millions of computers

[Dantheman62]

SAN FRANCISCO (AFP) – A nasty worm has wriggled into millions of computers and continues to spread, leaving security experts wondering whether the attack is a harbinger of evil deeds to come.

US software protection firm F-Secure says a computer worm known as "Conficker" or "Downadup" had infected more than nine million computers by Tuesday and was spreading at a rate of one million machines daily.

The malicious software had yet to do any noticeable damage, prompting debate as to whether it is impotent, waiting to detonate, or a test run by cybercriminals intent on profiting from the weakness in the future.

"This is enormous; possibly the biggest virus we have ever seen," said software security specialist David Perry of Trend Micro.

"I think the bad guys are field testing a new technology. If Conficker proves to work well, they could go out and sell malware (malicious software) to people. There is a huge market for selling criminal malware."

The worm, a self-replicating program, takes advantage of networks or computers that haven't kept up to date with security patches for Windows RPC Server Service.

It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another. Once in a computer it digs deep, setting up defenses that make it hard to extract.

Malware could be triggered to steal data or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

"Here we are with a big, big outbreak and they keep revamping their methodology to increase the size of it," Perry said. "They could be growing this huge botnet to slice it up and sell it on the criminal market."

Microsoft says it is aware of the Conficker "worm family" and has modified its free to detect and get rid of infections.

The US software giant also advises people to stay current on anti-virus tools and Windows updates, and to protect computers and files with strong passwords.


http://news.yahoo.com/s/afp/20090121...20090121063422

[bodzoyfa]

Thanks, Dan!

Keep us posted on the latest developments.

[Dantheman62]

here's another link and article....

Calling the scope of the attack "amazing," security researchers at F-Secure Corp. Friday said that 6.5 million Windows PCs have been infected by the "Downadup" (or "Conficker") worm in the last four days, and that nearly nine million have been compromised in just over two weeks.

(See PC World's report on how to protect your systems.)

Early Friday, the Finnish firm revised its estimate of the number of computers that had fallen victim to the worm, and explained how it came to the figure. "The number of Downadup infections [is] skyrocketing," Toni Koivunen, an F-Secure researcher, said in an entry to the company's Security Lab blog . "From an estimated 2.4 million infected machines to over 8.9 million during the last four days. That's just amazing."

On Tuesday, Koivunen put the number of infected systems at 2.4 million, then updated the estimate Wednesday to 3.5 million, an increase of 1.1 million in just 24 hours .

http://www.pcworld.com/businesscente...continues.html