Alert: Worm infects 3.5 million Windows PCs worldwide

Alert: Worm infects 3.5 million Windows PCs worldwide

Tags:   Downadup  F-Secure  Windows vulnerability  worm infection

By Victor Ng | Jan 15, 2009

The computer worm that exploits a month-old Windows bug has infected more than a million PCs in the last 24 hours.

F-Secure estimated that 3.5 million PCs worldwide have been compromised by the "Downadup" worm, an increase of more than 1.1 million new infections since Wednesday, 14 January 2009.

Chia Wing Fei, Security Response Manager at F-Secure, said, “They do this by trying to connect to various Web addresses. And if the worm finds an active Web server at one of these domains, it will download and run a particular executable..."

This gives the malware gang a free hand to do whatever they want with all of the infected machines. "They could build a large botnet, for example. The framework is in place.”

Normally, malware uses only one or maybe a handful of websites. Such sites are generally easy to locate and shut down.

Then there is Downadup.

It uses a complicated algorithm that changes daily and is based on timestamps from public websites such as Google.com and Baidu.com. With this algorithm, the worm generates many possible domain names every day, such as: qimkwaify .ws, mphtfrxs .net, gxjofpj .ws, imctaef .cc, and hcweu .org.

 
 
12

Similar

Related Articles

Add comment

Post a Comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <a> <p> <span> <div> <h1> <h2> <h3> <h4> <h5> <h6> <img> <img /> <map> <area> <hr> <br> <br /> <ul> <ol> <li> <dl> <dt> <dd> <table> <tr> <td> <em> <b> <u> <i> <strong> <font> <del> <ins> <sub> <sup> <quote> <blockquote> <pre> <address> <code> <cite> <embed> <object> <strike> <caption>
  • Lines and paragraphs break automatically.
  • Use <!--pagebreak--> to create page breaks.

More information about formatting options

 

Similar

Related Articles

knowledge_central_tab

 
 
Knowledge Central
Today's top security priorities
Attacks based on vulnerabilities in websites are skyrocketing, and not many solutions are available to protect organizations against them. How do you deal with this and other key security issues today?
Taking a holistic business-centric approach to security
Today’s CIOs face multiple challenges, including the need to innovate in an extremely competitive business climate, address highly dynamic regulatory and compliance challenges, speed ROI to counter shrinking IT budgets, and secure their organizations against a wide barrage of sophisticated threats.
 
 
 
UTM product offers Logansport Savings Bank superior protection
Astaro Security Gateway’s IPS was able to block attacks that other intrusion prevention systems (IPS) missed at Logansport Savings Bank.
Hong Leong Financial opts for Juniper Networks at new Malaysia head office, data center
Hong Leong Financial Group Berhad builds complete and seamless data center and office network infrastructure with Juniper switches, security devices and Junos software.
 
 
 

Recent popular content

Most Read
Merging SIM and IAM systems
DNSSEC predictions optimistic
WhiteHat Security reveals top 10 Web hacking techniques
Social networking sites are phishing traps
RSA conference tackles social networking

Site map
Search Security Asia
About Us
Print/Digital Subscription
Sales
Feedback
Security Tips
Expert Opinions
Research
White Papers
Case Studies

Blogs
Topics
Application security
Disaster recovery and business continuity
Identity management and access control
Information security careers, training and certifications
Topics
Network and Internet Security
Security best practices
Security threats
Surveillance and facilities management
Media
Videos
Podcasts
Webcasts
News
RSS