Windows worm infects millions worldwide

Downadup described by security experts as one of the most ‘prolific’ worms seen in years

  • E-Mail
By  Vineetha Menon Published  January 18, 2009

A devastating new worm has infected millions of computers around the world and still continues to spread.

Downadup/Conficker worm targets Windows OS users and was first detected in October last year prompting Microsoft to release a ‘critical’ patch with seemingly little success as new variants emerge.

Finnish anti-virus maker F-Secure Corp now estimates that the number of infected machines has jumped from 2.4 million to more than 8.9 million in just four days. In contrast, Symantec states that so far 3 million systems are infected with “one of the more prolific worms we’re seen in years”.

“It is targeting unpatched Windows XP SP2 and Windows 2003 SP1 systems, causing problems for business who have not upgraded these systems. Because many consumer systems automatically update to the latest patches, we are seeing less infections to home machines,” stated Symantec.

It attempts to make connections to computers across a network, looking for systems with open shares, removable media and weak passwords, or those that don’t have the latest security updates installed.

Downadup instructs infected systems to visit one or more of the estimated 250 control servers (domain names) to download instructions and malicious software upgrades from the worm’s creators. The malware keeps a system lock on its entire file making it difficult for standard tools to remove or even access the threat while operational.

While there is no information available on how widespread Downadup is in the Middle East, Symantec stated that the “threat continues to impact mainly SMB and enterprises and most infections are being tracked in East Asia and South America – predominately China, Argentina and Chile.”

If you think your system has been infected, follow Microsoft’s recovery advice published online.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code