Warning:  Hacking virus spreads to 8 Million computers

 

By DeskDemon

A new sleeper virus that could allow hackers to steal financial and personal information has now spread to more than 8 million computers and  is  said to be one of the most serious infections ever seen, by industry experts.

The Downadup or Conficker worm exploits a bug in Microsoft Windows to infect mainly corporate networks.  Once in, it can potentially expose infected PCs to hijack. 

Mikko Hypponen, chief research officer at anti-virus firm F-Secure told CNN:

“While the purpose of the worm is unclear, its unique ‘phone home’ design, linking back to its point of origin, means it can receive further orders to wreak havoc.”

The worm, which is believed to originate from Ukraine, is growing quickly, despite Microsoft issuing a patch to fix the bug. 

Hypponen explained to CNN the dangers that Downadup poses, who is most at risk and what can be done to stop its spread.

How serious is it?

It is the most serious large scale worm outbreak we have seen in recent years because of how widespread it is, but it is not very serious in terms of what it does. So far it doesn't try to steal personal information or credit card details.

Who is affected?

We have large infections in Europe, the United States and in Asia. It is a Windows worm and almost all the cases are corporate networks. There are very few reports of independent home computers affected.

What does it do?

It is a complicated worm most likely engineered by a group of people who have spent time making it very complicated to analyze and remove. The real reason why they have created it is hard to say right now, but we do know how it replicates.

How does it spread?

The worm does not spread over email or the Web. However if an infected laptop is connected to your corporate network, it will immediately scan the network looking for machines to infect. These will be machines that have not installed a patch from Microsoft known as MS08-067. The worm will also scan company networks trying to guess your password, trying hundreds and hundreds of common words. If it gets in, even if you are not at your machine, it will infect and begin spreading to other servers. A third method of spreading is via USB data sticks.

How can I prevent it infecting my machine?

The best way is to get the patch and install it company-wide. The second way is password security. Use long, difficult passwords -- particularly for administrators who cannot afford to be locked out of the machines they will have to fix.

What can I do if it has already infected?

Machines can be disinfected. The problem is for companies with thousands of infected machines, which can become re-infected from just one computer even as they are being cleared.

Share this page with your friends

 

Share this page with your friends.