9M PCs infected with New Conficker Worm
A malicious Internet worm known as Conficker, Downadup, or Kido that spreads through low security networks, memory sticks and PCs without the latest security updates, is infecting machines by the millions. (Source: bbc.co.uk)
The worm was first discovered in October 2008 and a security patch by Microsoft was issued at that time. However, a recent, new strain of the worm was developed and has managed to infect an estimated 9 million machines with 1 million new infections per day. (Source: sfgate.com)
Microsoft says the worm works by searching for a windows executable file named "services.exe" and becoming part of that code. It then copies itself into the windows system folder as a random .DLL (dynamic link library) file and then modifies the Windows Registry to run the infected .DLL file as a service.
Once the worm is installed, it creates an HTTP server, resets a machine's System Restore point and downloads files from the hacker's web site.
Leading web antivirus F-Secure Corporation says the worm uses a complicated algorithm to generate hundreds of different domain names such as mphfrxs.net, imctaef.cc, and hcweu.org. Only one of those sites will actually be the site used to download the hacker's files, but because it generates so many domains, tracing just one site is almost impossible. (Source: f-secure.com)
Kaspersky Lab's Security analyst Eddy Williams told the British Broadcasting Corporation (BBC) that the newest strain of the worm was complicating matters. "There was a new variant released less than two weeks ago and that's the one causing most of the problem," said Mr. Williams.
Mr. Williams also said that that people who downloaded the latest Microsoft updates and run Microsoft's free Malicious Software Removal Tool should should have little to worry about. It's important that you keep your software updated with the latest security patches.
The worm has infected computers in many different parts of the world, with machines in China, Brazil, Russia and India having the highest number of victims.
More information is available in Microsoft's Security Bulletin MS08-067.
Visit Bill's Links and More for more great tips, just like this one!
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.