Posted on 01/23/2009 12:18:42 PM PST by Ernest_at_the_Beach
Security watchers are bracing themselves to respond to the activation of the huge botnet created by the Conficker superworm.
The malware has created a network of infected PCs under its control estimated at 9m or even more, according to the latest estimates, dwarfing the zombie army created by the infamous Storm worm, which reached a comparatively paltry 1m at its peak in September 2007.
Variants of Conficker (aka Downadup), which began circulating in late November, exploit the MS08-067 vulnerability in the Microsoft Windows server service addressed by Redmond with an out-of-sequence patch last October.
The malware also infects removable devices and network shares using a special autorun file. The worm uses social engineering trickery so that users on Windows machines looking to simply browse the contents of a memory stick may be tricked into selecting an option that actually runs a malware payload and infects their PC.
Some variants are programmed to spread across machines in the same local area network. Weak passwords in corporates have therefore aided the distribution of the worm.
The multiple infection techniques - none of which, incidentally, feature email - have fuelled the prolific spread of the worm. It's been years since any worm has spread so widely. In many ways the Conficker worm epidemic represents a return to the bad old days of worms such as Nimda, Blaster and Sasser.
In the case of Conficker, security watchers reckon the fact that the worm only needs to hit one infected machine in a network to spread goes a long way towards explaining its success. Slow patching, particularly in corporates, has also contributed to the epidemic.
(Excerpt) Read more at theregister.co.uk ...
Three million hit by Windows worm (known as Conficker, Downadup, or Kido)
***************************EXCERPT INTRO*******************************
Posted on Fri 16 Jan 2009 02:11:18 PM PST by Ernest_at_the_Beach
The malicious program, known as Conficker, Downadup, or Kido, was first discovered in October 2008.
Although Microsoft released a patch, it has gone on to infect 3.5m machines.
Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch.
(Excerpt) Read more at news.bbc.co.uk ...
Sarah Connor, white courtesy phone....paging Sarah Connor, white courtesy phone please....
Once it installs, it keys daily on a Google or Baidu site and mutates daily, making it near impossible for anti-virus software to eliminate.