The Raging Windows Worm has attacked over 8.9 Million Computers

Jan 19, 2009 by John Messina weblog
Downadup Worm

(PhysOrg.com) -- Last week the global internet community was hit by the Downadup worm, also known as Conficker or Kido. This worm is now using multiple ways of infecting computers, including USB sticks. If someone were to take a USB memory stick from one infected computer and plug it into another, it would infect that computer and the network as well. Once a USB memory stick is infected, there is no Microsoft patch to remove the worm.

This attack has been more widespread on corporate networks because companies did not have the patch installed in time. This could have been caused by any number of reasons. For instance, an IT department may have been short-handed or had workload-related issues that prevented the patch from being installed in a timely manner. Microsoft did a good job in having home computers updated with the patch, but corporate networks are still being infected.

This worm is very sophisticated because it exploits multiple security flaws in Microsoft's Windows operating systems. The worm starts by injecting itself into one of Microsoft's common system processes, services.exe. From there it creates a new DLL file with a random five-letter name in the Windows system folder. The Windows registry is then edited to reference the DLL file, so that it runs when the computer is restarted.
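
The persistence pattern described above (a five-letter DLL in the system folder that the registry points to) can be hunted for from file and registry inventories. The following is an added example, not code from the article; the inventory format, the `signed` field, the registry key layout and all sample values are constructed assumptions.

```python
import re
from pathlib import PureWindowsPath

FIVE_LETTER_DLL = re.compile(r"^[a-z]{5}\.dll$")

# Constructed inventory of the Windows system folder (not real telemetry).
# "signed" is what a hypothetical file-inventory tool reported per file.
SYSTEM_DLLS = [
    {"path": r"C:\Windows\System32\ntdll.dll", "signed": True},
    {"path": r"C:\Windows\System32\winmm.dll", "signed": True},
    {"path": r"C:\Windows\System32\kernel32.dll", "signed": True},
    {"path": r"C:\Windows\System32\qkzvb.dll", "signed": False},
    {"path": r"C:\Windows\System32\xwpla.dll", "signed": False},
]

# Constructed registry export: value path -> value data. The key layout and
# service names are assumptions; the article does not say which key is edited.
REGISTRY_VALUES = {
    r"HKLM\SYSTEM\CurrentControlSet\Services\examplesvc\Parameters\ServiceDll":
        r"%SystemRoot%\System32\qkzvb.dll",
    r"HKLM\SYSTEM\CurrentControlSet\Services\legitsvc\Parameters\ServiceDll":
        r"%SystemRoot%\System32\winmm.dll",
}


def dll_name(path):
    """Lower-cased file name of a Windows path (env-var prefixes are fine)."""
    return PureWindowsPath(path).name.lower()


def find_suspect_dlls(dlls, registry_values):
    """Flag unsigned five-letter DLLs; rank registry-referenced ones highest."""
    referenced = {}
    for key, data in registry_values.items():
        referenced.setdefault(dll_name(data), []).append(key)

    findings = []
    for entry in dlls:
        name = dll_name(entry["path"])
        # The name shape alone also matches legitimate files such as
        # ntdll.dll, so it is only a filter, combined with signature status.
        if not FIVE_LETTER_DLL.match(name) or entry["signed"]:
            continue
        keys = referenced.get(name, [])
        findings.append((name, "high" if keys else "review", keys))
    return sorted(findings, key=lambda f: (f[1] != "high", f[0]))


if __name__ == "__main__":
    for name, severity, keys in find_suspect_dlls(SYSTEM_DLLS, REGISTRY_VALUES):
        print(severity, name, keys)
```

Signed five-letter system files (`ntdll.dll`, `winmm.dll`) are skipped even when a registry value references them, which is why the name shape is never used as the only signal.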

Once the worm is in the computer system, it creates an HTTP server and proceeds to download malware from the hacker's websites. System Restore is wiped clean and reset on the computer, making it impossible to restore the system to a point prior to the infection.

Each day, hundreds of dummy domain names are generated by an algorithm coded in the worm, but only one site is the actual malware site. This trickery makes it very difficult to find what is being installed each day.

This worm spreads mainly through corporate networks. An infected computer will scan the network for other computers and gain access through the Windows security flaw. Even though a password is needed to gain access to other computers, the worm will guess short passwords by brute force, thereby gaining access to those computers.

The only way to stop this worm is by applying Microsoft's patch MS08-067 before computer networks get infected.

© 2009 PhysOrg.com


User comments : 10


DGBEACH
2.6 / 5 (5) Jan 19, 2009
Linux...need I say more?
frajo
1 / 5 (1) Jan 19, 2009
eComStation.
*BSD.
YankInOz
1 / 5 (1) Jan 19, 2009
But NO Apple Macs - Hmmmm
Mercury_01
not rated yet Jan 19, 2009
worms are bad.
axemaster
4 / 5 (1) Jan 19, 2009
Well, this crap is the reason why I switched to Mac. Despite the lack of games, it doesn't get this crap, so I'm happy.

Before you flame, I also have a windows gaming computer - I just never connect it to the internet.
WolfAtTheDoor
1.5 / 5 (2) Jan 19, 2009
Viruses happen.
Soylent
1 / 5 (2) Jan 19, 2009
Linux...need I say more?


Yes.
denijane
5 / 5 (2) Jan 20, 2009
The moral? Use Linux :)
PB94941
1 / 5 (1) Jan 20, 2009
My main PC still runs Windows and will do until Linux becomes more compatible. If you get decent antivirus (Nod32) and don't go on dodgy websites you will be fine. I only use Linux on my computers that are not top spec.
CreepyD
not rated yet Jan 20, 2009
We've had this virus at work, it's a right pain in the rear. We've spent hours removing it from having it on just a small handful of PCs.
If they catch who made it, they should be hung or something for wasting millions of man hours.
