Comp virus is in 1st step of mayhem

iVillage Member
Registered: 03-23-2003
Comp virus is in 1st step of mayhem
1
Fri, 01-23-2009 - 11:37am

I have auto-update so I know that I'm covered.  Why don't more people sign up for that?? 


 Seattle Post-Intelligencer
http://seattlepi.nwsource.com/business/397185_computerworm23.html

Computer virus is in 1st step of mayhem


Friday, January 23, 2009
Last updated 12:00 a.m. PT


By JOHN MARKOFF
THE NEW YORK TIMES


A new digital plague has hit the Internet, infecting millions of personal and business computers in what seems to be the first step of a multistage attack. The world's leading computer security experts do not yet know who programmed the infection, or what the next stage will be.


In recent weeks a worm, a malicious software program, has swept through corporate, educational and public computer networks around the world. Known as Conficker or Downandup, it is spread by a recently discovered Microsoft Windows vulnerability, by guessing network passwords and by hand-carried consumer gadgets such as USB keys.


Experts say it is the worst infection since the Slammer worm exploded through the Internet in January 2003, and it may have infected as many as 9 million personal computers around the world.


Worms like Conficker harness infected computers into unified systems called botnets, which accept programming from their clandestine masters.


Many computer users may not notice that their machines have been infected, and computer security researchers said that they were waiting for the instructions to materialize, to determine what impact the botnet will have on PC users.


It might operate in the background, using the infected computer to send spam or infect other computers, or it might steal the PC user's personal information.


Microsoft rushed an emergency patch to defend the Windows operating systems against this vulnerability in October, yet the worm has continued to spread at a steady rate even as the level of warnings has grown in recent weeks.


Earlier this week security researchers at Qualys, a Silicon Valley security firm, estimated that about 30 percent of Windows-based computers attached to the Internet remain vulnerable to infection because they have not been updated with the patch, despite the fact that it was made available in October.


The program uses an elaborate technique to permit someone to remotely command it. Each day it generates a new list of 250 domain names. Instructions from any one of these domain names would be obeyed.


It is widely expected by computer security researchers that within days or weeks the bot-herder who controls the programs will send out commands to force the botnet to perform some as yet unknown illegal activity.


© 1998-2009 Seattle Post-Intelligencer







Husky Logo cl-nwtreehugger  Photobucket














Community Leader for:  Photobucket


obama-biden08


 Free Icons




The WeatherPixieSweet Alice

iVillage Member
Registered: 03-18-2000
Fri, 01-23-2009 - 12:42pm

"I have auto-update so I know that I'm covered."


Me too. I'd read this article in the NY Times earlier.


>"One intriguing clue left by the malware authors is that the first version of the program checked to see if the computer had a Ukrainian keyboard layout. If it found it had such a keyboard, it would not infect the machine, according to Phillip Porras, a security investigator at SRI International who has disassembled the program to determine how it functioned."<


http://www.nytimes.com/2009/01/23/technology/internet/23worm.html?ref=todayspaper

Photobucket

 


Photobucket&nbs