Xtra News Community 2
March 29, 2024, 06:57:19 am
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Welcome to Xtra News Community 2 — please also join our XNC2-BACKUP-GROUP.
 
  Home Help Arcade Gallery Links BITEBACK! XNC2-BACKUP-GROUP Staff List Login Register  

Nasty worm : 'Conficker' or 'Downadup'

Pages: [1]   Go Down
  Print  
Author Topic: Nasty worm : 'Conficker' or 'Downadup'  (Read 868 times)
0 Members and 1 Guest are viewing this topic.
DazzaMc
Don't give me Karma!
Moderator
Absolutely Fabulously Incredibly Shit-Hot Member
*
Posts: 5557


« on: January 27, 2009, 03:10:04 pm »

Nasty worm wriggles into millions of computers, identified as 'Conficker' or 'Downadup'

--------------------------------------------------------------------------------

A NASTY worm has wriggled into millions of computers and continues to spread, leaving security experts wondering whether the attack is a harbinger of evil deeds to come.
US software protection firm F-Secure says a computer worm known as "Conficker" or "Downadup" had infected more than nine million computers and was spreading at a rate of one million machines daily.

The malicious software had yet to do any noticeable damage, prompting debate as to whether it is impotent, waiting to "detonate", or a test run by cybercriminals intent on profiting from the weakness in the future.

"This is enormous; possibly the biggest virus we have ever seen," said software security specialist David Perry of Trend Micro.

"I think the bad guys are field testing a new technology. If Conficker proves to work well, they could go out and sell malware (malicious software) to people.

"There is a huge market for selling criminal malware.''

The worm, a self-replicating program, takes advantage of networks or computers that haven't kept up to date with security patches for Windows RPC Server Service.

It can infect machines from the internet or by hiding on USB memory sticks carrying data from one computer to another. Once in a computer it digs deep, setting up defences that make it hard to extract.

Malware could be triggered to steal data or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

Microsoft says it is aware of the Conficker "worm family" and has modified its free Malicious Software Removal Tool to detect and get rid of infections.

The US software giant also advises people to stay current on anti-virus tools and Windows updates, and to protect computers and files with strong passwords.

A troubling aspect of the worm is that it can potentially crack passwords and lock a legitimate user out of their own computer.

"Downadup uses brute force from the infected network of botnets to break the password of the machine being attacked," Perry said.

"That is something never seen before and I find it disturbing."

Mr Perry urged people to harden passwords by mixing in numbers, punctuation marks, and upper-case letters.

Doing so makes it millions of times harder for passwords to be deduced, according to Mr Perry.

"This is necessary in a world where malware hacks passwords," Mr Perry said.

"Go get a notebook, keep it next to your computer and record your password in it. No hacker in the world can hack the written page locked away in your office."

http://www.news.com.au/technology/story/0,28348,24943012-5014239,00.html



Make sure your all patched up - this is a nasty bug....

Download the Patch here: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx
 
 
« Last Edit: January 27, 2009, 03:18:40 pm by DazzaMc » Report Spam   Logged

Reality is merely an illusion, albeit a very persistent one.

Share on Facebook Share on Twitter

DazzaMc
Don't give me Karma!
Moderator
Absolutely Fabulously Incredibly Shit-Hot Member
*
Posts: 5557


« Reply #1 on: January 27, 2009, 03:29:51 pm »

Windows worm: Security experts waiting for activation of 'botnet'

Computer experts are preparing to respond to further virus outbreaks and security threats posed by the Windows worm, known as Conficker, Kido and Downadup, which has infected more than 15 million PCs worldwide.

The worm – known as Conficker, Kido or Downadup – is spreading rapidly between machines, and has effectively created a giant “botnet” of compromised computers that security experts fear could be used by hackers and spammers to mount sustained attempts to steal personal and sensitive information from compromised machines, or to automate a huge mass-mailing of spam emails.

The virus is programmed to constantly update itself from a variety of sources and ever-changing servers, making it very hard for antivirus companies to block the source of the problem.

“This is an indication that the worm authors are preparing to carry out a large-scale attack in the near future using the infected machines,” Dominic Hoskins, a security expert at Panda Security, told The Register.

The worm, which first surfaced late last year, exploits vulnerabilities in the Windows operating system, and can be passed from an infected computer to a clean computer via removable hard drives and USB memory sticks.

Although security firms have been tracking the worm for months, and Microsoft issued a security patch to combat the virus in October, many users have failed to patch their machines, leaving them vulnerable to attack, especially from new variants of the worm.

The fear is that already compromised machines could then be further exploited by cyber criminals to steal users’ login and password information or credit card details, and even to re-route web traffic in order to disguise illegal activity.

The majority of infected computers are in China, Russia and Brazil, which could be aiding the spread of the worm. “The countries most affected by Conficker have a high percentage of pirated Windows users, who may nt be entitled to apply Microsoft’s patch,” warned Paul Wood, a senior analyst at MessageLabs. “This could be a factor in the spread of the worm.”

Computer users are advised to ensure their antivirus software, operating system and firewall is up to date, and that they have installed a Microsoft patch designed to combat the problem, MS08-067, which is available from the Microsoft site. There is also a recently issued Microsoft removal tool that may be able to restore machines already infected by the worm.





Report Spam   Logged

Reality is merely an illusion, albeit a very persistent one.
bump head benny
Shit-Hot Member
*
Posts: 1291



WWW
« Reply #2 on: March 02, 2009, 03:09:38 am »

 Shocked
Report Spam   Logged

Lets kill all the warmongers.

Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by EzPortal
Open XNC2 Smileys
Bookmark this site! | Upgrade This Forum
SMF For Free - Create your own Forum


Powered by SMF | SMF © 2016, Simple Machines
Privacy Policy
Page created in 0.025 seconds with 18 queries.