“Infections of a worm that spreads through low security networks, memory sticks, and PCs without the latest security updates is ‘skyrocketing,'” BBC News reports.
“The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008,” The Beeb reports. “Anti-virus firm F-Secure estimates there are now 8.9m machines infected. Experts warn this figure could be far higher… In its security blog, F-Secure said that the number of infections based on its calculations was ‘skyrocketing” and that the situation was “getting worse.'”
Full article here.
According to F-Secure, the worm attempts “to connect to various Web addresses. And if the worm finds an active Web server at one of these domains, it will download and run a particular executable — thus giving the malware gang a free hand to do whatever they want with all of the infected machines.”
“They could build a large botnet for example. The framework is in place,” F-Secure reports.
“It uses a complicated algorithm which changes daily and is based on timestamps from public websites such as Google.com and Baidu.com. With this algorithm, the worm generates many possible domain names every day,” F-Secure reports. “Hundreds of names such as: qimkwaify .ws, mphtfrxs .net, gxjofpj .ws, imctaef .cc, and hcweu .org.”
“This makes it impossible and/or impractical for us good guys to shut them all down — most of them are never registered in the first place,” F-Secure reports. “However, the bad guys only need to predetermine one possible domain for tomorrow, register it, and set up a website — and they then gain access to all of the infected machines. Pretty clever.”
Full article here.
MacDailyNews Take: Not as clever as us Mac users.
[Thanks to MacDailyNews Reader “Dominic” for the heads up.]
