Daily Talk Forum
Superworm seizes 9m PCs, 'stunned' researchers say - Printable Version

+- Daily Talk Forum (http://www.dailytalkforum.com)
+-- Forum: General Discussions (/forum-general-discussions)
+--- Forum: Technology, Computers and the Internet (/forum-technology-computers-and-the-internet)
+--- Thread: Superworm seizes 9m PCs, 'stunned' researchers say (/thread-superworm-seizes-9m-pcs-stunned-researchers-say)



Superworm seizes 9m PCs, 'stunned' researchers say - forwardone - 01-17-2009 08:55 AM

Downadup, the superworm that attacks a patched vulnerability in Microsoft Windows, is making exponential gains if estimates from researchers at F-Secure are accurate. They show 6.5 million new infections in the past four days, bringing the total number of machines it has compromised to almost 9 million.

The astronomical growth stunned some researchers, although others cautioned the numbers could be inflated since the counting of infected computers is by no means an exact science. Most agreed F-Secure's estimate was certainly plausible and if it proved to be correct, represented a major development in the world of cyberthreats.

"This thing has gotten way out of hand," said Paul Ferguson, a security researcher for anti-virus provider Trend Micro who has spent the past several weeks tracking the worm's progress. "It seems pretty spectacular to me that there could be that much growth."

A confluence of factors are responsible for the growth of Downadup, which also goes by the name Conficker.

For one, the underlying vulnerability allows for self-replicating attacks in the 2000, XP, and Server 2003 versions of Windows. And for another, the malware authors have cleverly designed exploits that spread via flash and network drives, online trojans, and social engineering features that allow it to spread like wildfire within a local network once a single machine is compromised.

Another important contribution to the outbreak seems to be the legions of administrators and users of Windows machines who have failed to heed repeated admonitions to update. Despite Microsoft releasing an emergency patch for the vulnerability almost three months ago, nearly one in three Windows machines have yet to apply it, according to research from security provider Qualys.

http://www.theregister.co.uk/2009/01/16/9m_downadup_infections/