Jan 25th, 2009

The worm that’s infected millions of Windows PCs is a “very well-engineered” piece of malware. But researchers still have no clear idea what the hackers plan to do with the collection of computers they’ve compromised with “Downadup.”

Downadup, also called “Conficker,” has infected an estimated 6% of PCs worldwide. The worm spreads by exploiting a four-month-old vulnerability in Windows, by brute-force password attacks and by hitchhiking on USB devices like flash drives.

The worm has also been effective. Most researchers, including those at Symantec, have said it is the most invasive seen in the last six years.

The faster hackers can come up with an exploit and put it on the street, the better luck they usually have, because fewer users have patched their machines in the first days or weeks after a vulnerability is fixed.

Although some researchers now say that Downadup seems to have peaked — F-Secure Corp. Friday noted that its “growth…has been curbed” — researchers remained worried about the next step in the attack.

Most malware infects PCs so that hackers can then use the collected machines, dubbed a “botnet,” to send spam, attack Web sites or compromise more computers. To do that, the original attack code directs the now-controlled PC, a “bot” in security parlance, to download additional software.

But Downadup has yet to trigger such second-stage downloads.

Written by Ajay Matharu

January 25th, 2009 at 3:59 pm
