Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Blogs
    • Security Watch

    Experts – Conficker USB Worm Spreading Quickly

    By
    Matthew Hines
    -
    January 22, 2009
    Share
    Facebook
    Twitter
    Linkedin

      Security researchers are reporting that the Conficker worm virus, which preys on a recently reported vulnerability (MS08-067) in the Microsoft Windows server service, is spreading rapidly even as we speak.

      According to a warning issued today by PandaLabs, some six percent (115,000-plus) of the two million computers that it has scanned for the virus in the last week or so have tested positive for Conficker, which is propagated via infected USB memory devices, including MP3 players.

      PandaLabs said that the spread of the attack has been fairly ubiquitous worldwide as well, with infections showing up on machines in 83 countries. Over 18,000 machines carrying the threat were found inside the U.S. alone. The company said there were concentrated pockets of affected computers in Brazil, Mexico, Spain and Taiwan as well.

      Based the results found within its test group, the company is speculating that Conficker is potentially resident on millions of machines in total. The scope of the attack harkens back to the heyday or massive worm outbreaks in years past, the experts observed.

      “Of the two million computers analyzed, around 115,000 were infected with this malware, a phenomenon we haven’t seen since the times of the great epidemics of Kournikova or Blaster,” Luis Corrons, Technical Director of PandaLabs, said in a report summary.

      “This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels. The outbreak of this worm really highlights the need for users to establish strong passwords both on personal computers and corporate networks, as otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers,” Corrons said.

      In addition to the tainted USB angle, PandaLabs said it has also discovered that some variants of the threat are launching brute force attacks that can lift passwords from infected computers, and from internal networks.

      The researchers highlighted the fact that the attack is also using an innovative social engineering tactic to spread via USB. After someone attaches an infected device and the Windows options menu appears, Conficker is launched when someone merely attempts to open the folder to see what files the USB holds.

      Pointing to the relevance of a Roger Thompson argument I blogged about yesterday, PandaLabs is speculating that “the frequency of weak passwords (common words, own names, etc.) has aided the distribution of this worm.”

      Ah, the more things change the more they stay the same, eh? Real live non P2P botnet worm viruses in the wild, it makes me reminiscent for 2003 all over again.

      But boy, hasn’t Anna Kournikova’s star faded in just a few short years?

      Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the security space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to [email protected].

      Avatar
      Matthew Hines

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×