Downadup - One of the Deadliest Windows Worms Ever?

**Chef** · 24-04-2009, 01:39 PM

Finland based firm, F-Secure Corp has estimated that 3.5 million PCs have been compromised by the “Downadup” worm, an increase of more than 1.1 million since Tuesday. This worm, which exploits a months-old Windows bug has infected more than a million PCs in the past 24 hours alone.
The worm, which several security companies have described as surging dramatically during the past few days, exploits a bug in the Windows Server service used by all supported versions of Microsoft Corp.’s operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008.
The soaring number of infections by Downadup, also called “Conficker” by some security companies, prompted Microsoft to add detection for the worm to its Malicious Software Removal Tool (MSRT), the anti-malware utility that the company updates and redistributes each month to Windows machines. The MSRT scans for known malware, then scrubs the system of any it finds.
It appears that the highest number of infection reports had come from the U.S., Canada, Mexico, Korea and several European countries, including the U.K., France and Germany. The worm generates hundreds of possible domain names daily using a complex algorithm. Those controlling this worm only need to predetermine one possible domain for tomorrow, register it and set up a Web site, and they then gain access to all of the infected machines. Pretty clever. Even so, F-Secure has registered some of the possible hosting domains so that it can eavesdrop on the attackers and get an idea of the number of infected PCs.
So, what is the fix for Downadup worm?

Microsoft recommended that Windows users install the , then run the to clean up compromised computers.
It’s not clear whether the hackers behind Downadup are building a botnet of their own. For the moment, they seem satisfied with feeding victims fake security software, which pesters users with pop-ups until they pay for the worthless program.

I suggest everyone to apply the above suggested patch and be safe.

24-04-2009, 01:39 PM	#1
Chef Hardware Support Join Date: Nov 2007 Location: C:/Program Files/Games/ Age: 17 Posts: 965 Thanks: 65 Thanked 52 Times in 49 Posts Rep Power: 13 OS:	Downadup - One of the Deadliest Windows Worms Ever? Finland based firm, F-Secure Corp has estimated that 3.5 million PCs have been compromised by the “Downadup” worm, an increase of more than 1.1 million since Tuesday. This worm, which exploits a months-old Windows bug has infected more than a million PCs in the past 24 hours alone. The worm, which several security companies have described as surging dramatically during the past few days, exploits a bug in the Windows Server service used by all supported versions of Microsoft Corp.’s operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008. The soaring number of infections by Downadup, also called “Conficker” by some security companies, prompted Microsoft to add detection for the worm to its Malicious Software Removal Tool (MSRT), the anti-malware utility that the company updates and redistributes each month to Windows machines. The MSRT scans for known malware, then scrubs the system of any it finds. It appears that the highest number of infection reports had come from the U.S., Canada, Mexico, Korea and several European countries, including the U.K., France and Germany. The worm generates hundreds of possible domain names daily using a complex algorithm. Those controlling this worm only need to predetermine one possible domain for tomorrow, register it and set up a Web site, and they then gain access to all of the infected machines. Pretty clever. Even so, F-Secure has registered some of the possible hosting domains so that it can eavesdrop on the attackers and get an idea of the number of infected PCs. So, what is the fix for Downadup worm? Microsoft recommended that Windows users install the , then run the to clean up compromised computers. It’s not clear whether the hackers behind Downadup are building a botnet of their own. For the moment, they seem satisfied with feeding victims fake security software, which pesters users with pop-ups until they pay for the worthless program. I suggest everyone to apply the above suggested patch and be safe. __________________

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

New To Site?	Need Help?
Register to Participate Meet our Staff Refer Forum Rules Contact Us	Frequently Asked Questions Did you forget your password? Mark Forums Read

Downadup - One of the Deadliest Windows Worms Ever?

Announcements & News