Tags: computer | worm

Nasty Worm Wriggles Into Millions of Computers

Wednesday, 21 Jan 2009 12:25 PM

Share:
  Comment  |
   Contact Us  |
  Print  
|  A   A  
  Copy Shortlink

SAN FRANCISCO – A nasty worm has wriggled into millions of computers and continues to spread, leaving security experts wondering whether the attack is a harbinger of evil deeds to come.

US software protection firm F-Secure says a computer worm known as "Conficker" or "Downadup" had infected more than nine million computers by Tuesday and was spreading at a rate of one million machines daily.

The malicious software had yet to do any noticeable damage, prompting debate as to whether it is impotent, waiting to detonate, or a test run by cybercriminals intent on profiting from the weakness in the future.

"This is enormous; possibly the biggest virus we have ever seen," said software security specialist David Perry of Trend Micro.

"I think the bad guys are field testing a new technology. If Conficker proves to work well, they could go out and sell malware (malicious software) to people. There is a huge market for selling criminal malware."

The worm, a self-replicating program, takes advantage of networks or computers that haven't kept up to date with security patches for Windows RPC Server Service.

It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another. Once in a computer it digs deep, setting up defenses that make it hard to extract.

Malware could be triggered to steal data or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

"Here we are with a big, big outbreak and they keep revamping their methodology to increase the size of it," Perry said. "They could be growing this huge botnet to slice it up and sell it on the criminal market."

Microsoft says it is aware of the Conficker "worm family" and has modified its free to detect and get rid of infections.

The US software giant also advises people to stay current on anti-virus tools and Windows updates, and to protect computers and files with strong passwords.

A troubling aspect of Conficker is that it harnesses computing power of a botnet to crack passwords.

Repeated "guesses" at passwords by a botnet have caused some computer users to be locked out of files or machines that automatically disable access after certain numbers of failed tries.

"Downadup uses brute force from the infected network of botnets to break the password of the machine being attacked," Perry said. "That is something never seen before and I find it disturbing."

Perry urges people to harden passwords by mixing in numbers, punctuation marks, and upper-case letters. Doing so makes it millions of times harder for passwords to be deduced, according to Perry.

"This is necessary in a world where malware hacks passwords," Perry said.

"Go get a notebook, keep it next to your computer and record your password in it. No hacker in the world can hack the written page locked away in your office."

© 2009 Agence France Presse. All rights reserved.

© 2014 Newsmax. All rights reserved.

Share:
  Comment  |
   Contact Us  |
  Print  
  Copy Shortlink
Around the Web
Join the Newsmax Community
Please review Community Guidelines before posting a comment.
>> Register to share your comments with the community.
>> Login if you are already a member.
blog comments powered by Disqus
 
Email:
Retype Email:
Country
Zip Code:
Privacy: We never share your email.
 
Hot Topics
Follow Newsmax
Like us
on Facebook
Follow us
on Twitter
Add us
on Google Plus
Around the Web
Top Stories
You May Also Like

Study Links Polar Vortex Chills to Melting Sea Ice

Tuesday, 02 Sep 2014 20:41 PM

Remember the polar vortex, the huge mass of Arctic air that can plunge much of the U.S. into the deep freeze? You might  . . .

Netflix: Local Governments Should Set Up High-Speed Web Networks

Tuesday, 02 Sep 2014 19:35 PM

Netflix, the company that streams movies and original programming over the Internet, has weighed in on a petition to the . . .

Apple Says ICloud Not Breached in Celebrity Photo Hack

Tuesday, 02 Sep 2014 15:22 PM

Apple said Tuesday that certain accounts of Hollywood celebrities were compromised via a very targeted attack on its s . . .

Most Commented

Newsmax, Moneynews, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, NewsmaxWorld, NewsmaxHealth, are trademarks of Newsmax Media, Inc.

 
NEWSMAX.COM
America's News Page
©  Newsmax Media, Inc.
All Rights Reserved