Conficker reaches 10 million, possible peak
Monday, January 26, 2009
Conficker (Downadup) may have peaked at 10 million machines and appears to be slowing down, according to researchers on Friday.
However, the malicious worm is still sitting on infected machines, presumably creating a huge botnet, SCMagazineus.com reports.
Some security officials have speculated the worm could do any number of things, from launching a denial-of-service attack to stealing people's credit cards. It may also be possible the malware does nothing at all.
Approximately three weeks ago, Conficker was found taking advantage of a known Microsoft vulnerability that was originally patched last October (MS08-067). Initially, it seemed the worm only attacked machines that didn't have the patch installed.
However, it later became apparent Conficker could be spread through removable USB drives, even on computers that had been patched. It infiltrated various networks by guess weak passwords.
The outbreak of Conficker is reportedly the worst one to hit corporations since Nimda in 2001.
A recent security report highlighted threat predictions for the year and mentioned the spread of malware through USB devices and camera sticks would increase. For organizations, the threat was described as "an accident waiting to happen."
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
