Windows Malware Hits Over 9 Million PCs, ‘Skyrocketing’

A malicious worm targeting the Windows operating system is “skyrocketing” and indications are that the infections could “get worse,” according to security software vendor F-Secure.
1/19/2009 (updated 1/19/2009)

The worm, known as Conficker, Downadup, or Kido, is spreading through improperly configured computer networks, USB and other memory sticks as well as Windows PCs without the latest security updates.

F-Secure said that the principal target of the malware is corporate Windows servers that have not been patched with the latest security updates.

The anti-virus and software security company said that an estimated 8.9 million machines were infected with the worm, but other security experts estimate that the number could be much higher. A senior technology consultant with anti-virus company Sophos said in an interview with the UK’s BBC News that the outbreak was “of a scale they had not seen for some time.”

Microsoft said that the malware has already infected many computers across the world, with machines in China, Brazil, Russia and India accounting for the most victims.

The worm is believed to be capable of breaking into computers that use weak passwords, and it can infect computers through memory sticks without needing to break any password protection at all.

It infects machines by searching for “services.exe,” a core Windows file, and attaching itself to it. After creating a DLL file with a random name, it runs itself as a service on the machine, creates a web server and downloads files from the hackers’ web site.

While most malware downloads from a limited number of hacker websites, Conficker, according to F-Secure, generates hundreds of domain names a day, making it hard to track down the site used to host the hackers’ files and shut it down.
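The domain-generation behaviour described above also leaves a trail that defenders can look for: a worm that tries hundreds of freshly generated names each day will, from a single host, produce a burst of failed (NXDOMAIN) DNS lookups for names that look random. The following Python script is an added illustration of that detection idea and is not code from the article, from F-Secure, or from the worm itself; it does not reproduce Conficker's real algorithm. The DNS log lines, the log format, and the thresholds are all constructed for the example.

```python
import math
import re
from collections import defaultdict

# Constructed sample resolver log (not from the article); one query per line:
#   <timestamp> <client_ip> <queried_name> <response_code>
SAMPLE_DNS_LOG = """\
2009-01-19T10:00:01 10.0.0.5 www.example.com NOERROR
2009-01-19T10:00:02 10.0.0.5 mail.example.com NOERROR
2009-01-19T10:00:03 10.0.0.7 qkzxjwprmt.biz NXDOMAIN
2009-01-19T10:00:03 10.0.0.7 vbnrtyuiop.info NXDOMAIN
2009-01-19T10:00:04 10.0.0.7 wlkdsfhgtzaq.org NXDOMAIN
2009-01-19T10:00:04 10.0.0.7 pqowieurytla.net NXDOMAIN
2009-01-19T10:00:05 10.0.0.7 mznxbcvalskd.com NXDOMAIN
2009-01-19T10:00:05 10.0.0.7 cvbnmasdfghj.biz NXDOMAIN
2009-01-19T10:00:06 10.0.0.9 update.example.com NOERROR
2009-01-19T10:00:07 10.0.0.9 cdn.example.net NOERROR
2009-01-19T10:00:08 10.0.0.9 typo-exampel.com NXDOMAIN
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def shannon_entropy(text):
    """Bits of entropy per character; random-looking labels score higher."""
    if not text:
        return 0.0
    counts = defaultdict(int)
    for ch in text:
        counts[ch] += 1
    n = len(text)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def second_level_label(fqdn):
    """Return the label just left of the TLD, e.g. 'qkzxjwprmt' for qkzxjwprmt.biz."""
    parts = fqdn.rstrip(".").lower().split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def parse_log(text):
    """Yield (timestamp, client, name, rcode) tuples; malformed lines are skipped."""
    for line in text.splitlines():
        match = LINE_RE.match(line.strip())
        if match:
            yield match.groups()


def score_clients(log_text, entropy_threshold=3.0, min_label_len=8):
    """Per client: how many distinct NXDOMAIN names looked machine-generated."""
    stats = defaultdict(lambda: {"nxdomain": 0, "random_nxdomain": set()})
    for _ts, client, name, rcode in parse_log(log_text):
        if rcode != "NXDOMAIN":
            continue  # only failed lookups are interesting here
        label = second_level_label(name)
        stats[client]["nxdomain"] += 1
        # A long label with high character entropy is unlikely to be a typo
        # of a real site and more likely to come from a generator.
        if len(label) >= min_label_len and shannon_entropy(label) >= entropy_threshold:
            stats[client]["random_nxdomain"].add(name)
    return dict(stats)


def flag_suspects(log_text, burst_threshold=5):
    """Clients that failed to resolve at least `burst_threshold` random-looking names."""
    scored = score_clients(log_text)
    return sorted(
        client for client, st in scored.items()
        if len(st["random_nxdomain"]) >= burst_threshold
    )


if __name__ == "__main__":
    for client, st in score_clients(SAMPLE_DNS_LOG).items():
        print(f"{client}: {st['nxdomain']} NXDOMAIN, "
              f"{len(st['random_nxdomain'])} random-looking")
    print("suspect hosts:", flag_suspects(SAMPLE_DNS_LOG))
```

In the constructed log, the host 10.0.0.7 fails six lookups for long high-entropy names within seconds and is flagged, while 10.0.0.9's single mistyped domain is not, even though that label also scores above the entropy threshold. The two signals are meant to be combined: entropy alone flags typos and legitimate CDN hostnames, and NXDOMAIN volume alone flags misconfigured resolvers, but a burst of both from one host is the pattern a daily domain generator produces. Thresholds should be tuned against a baseline of the network's own resolver traffic before alerting on them.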