Confickr spreading quickly, new botnet feared
Friday, January 16, 2009
A worm that was first reported last week has continued to infect unpatched Microsoft machines, leading some security officials to speculate this may only be the beginning of a larger attack.
So far, the actual number of infected machines from the Confickr/Downadup worm remains unknown with some agencies saying it has reached more than 3.5 million, while other analysts say it's closer to half a million, DarkReading.com reports. Either way, the number appears to be significant enough to warrant some in the industry to suspect the worm is a botnet-in-progress that could potentially be used to send large amounts of spam email in the future.
Confickr thrives on machines that have not patched a Microsoft vulnerability that exploits Windows 2000, XP, and Windows Server 2003 systems.
It has also been discovered the worm can be spread through USB sticks, ZDnet.com reports. Once plugged into an infected computer, the malware creates an autorun.inf file on the root of the USB drive.
Disaster recovery from the worm has also proved to be difficult, which possibly adds to the high number of infected machines. Confickr prevents already-compromised machines from getting fixed by blocking access to Microsoft's Websites and disabling the automatic update function, states DarkReading.com.
Related News:
ChoicePoint hit by $275K fine for 2008 data security breach - 10.21.2009
ChoicePoint, a large data broker subsidiary of Reed Elsevier, has been ordered to pay a $275,000 fine by the U.S. Federal Trade Commission, over a data breach in 2008 that exposed the private data of more than 13,000 customers.
TJX settles another class action over data breach - 9.4.2009
TJX Companies yesterday announced a settlement agreement that will result in the dismissal of a class action initiated by financial institutions as a result of the data breach of TJX's network security during 2005 and 2006 that exposed approximately 40 million credit card numbers.
Radisson data breach exposed credit card numbers - 8.20.2009
Between November 2008 and May 2009, hackers infiltrated the network security of computer systems at some Radisson hotels in the U.S. and Canada and accessed customer names and credit card numbers, the hotel chain disclosed Wednesday.
Feds indict TJX hacker for data theft in Heartland breach - 8.17.2009
Federal prosecutors on Monday indicted a Miami man in connection with the biggest credit card data breach on record - the theft of 130 million card numbers from Heartland Payment Systems - along with two other high-profile hacks.
Identity theft warnings issued to 13,000 after LexisNexis data breach - 7.16.2009
Two data breaches involving a subsidiary of LexisNexis have exposed the personal information of more than 13,000 consumers, leaving them vulnerable to identity theft and fraud.
|
