The Raging Windows Worm has attacked over 8.9 Million Computers

January 19, 2009 by John Messina Downadup Worm

(PhysOrg.com) -- Last week the global internet community was hit by the Downadup worm also know as Conficker, or Kido. This worm is now using multiple ways of infecting computers, including USB sticks. If someone were to take a USB memory stick from one infected computer and plug it into another, it would infect that computer and the network as well. Once a USB memory stick is infected, there is no Microsoft patch to remove the worm.

This attack has been more widespread on corporate networks because companies did not have the patch installed in time. This could have been caused by any number of reasons. For instance an IT Department may have been short handed or have workload related issues preventing the patch from being installed in a timely manner. Microsoft did a good job in having home computers updated with the patch but corporate networks are still being infected.

This worm is very sophisticated because it exploits multiple secure flaws in Microsoft's Windows OS's. The worm starts by injecting itself into one of Microsoft's common system process, services.exe. From there it creates a new random five letter DLL file in the Windows system folder. The Windows registry is then edited to make reference to the DLL file and runs when the computer is restarted.

Once the worm is in the computer system, it creates an HTTP server and proceeds to download malware from the hacker's websites. System restore has been wiped clean and reset on the computer making it impossible to restore your system prior to the infection.

Each day there are hundreds of dummy domain names being generated by an algorithm coded in the worm but only one site is the actual malware site. With this trickery employed, it makes it very difficult to find what is being installed each day.

This worm spreads mainly through corporate networks. An infected computer will scan the network for other computers and gain access through the Windows secure flaw. Even though a password is needed to gain access to other computers, it will guess short passwords by brute force method thereby gaining access to those computers.

The only way to stop this worm is by applying Microsoft's patch MS08-067 before computer networks get infected.

© 2009 PhysOrg.com


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - 4.9 /5 (11 votes)

Rank Filter

Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

  • DGBEACH - Jan 19, 2009
    • Rank: 3 / 5 (4)
    Linux...need I say more?
  • frajo - Jan 19, 2009
    • Rank: not rated yet
    eComStation.
    *BSD.
  • YankInOz - Jan 19, 2009
    • Rank: not rated yet
    But NO Apple Macs - Hmmmm
  • Mercury_01 - Jan 19, 2009
    • Rank: not rated yet
    worms are bad.
  • axemaster - Jan 19, 2009
    • Rank: 4 / 5 (1)
    Well, this crap is the reason why i switched to Mac. Despite the lack of games, it doesn't get this crap, so I'm happy.

    Before you flame, I also have a windows gaming computer - I just never connect it to the internet.
  • WolfAtTheDoor - Jan 19, 2009
    • Rank: 1 / 5 (1)
    Viruses happen.
  • Soylent - Jan 19, 2009
    • Rank: 1 / 5 (2)
    Linux...need I say more?


    Yes.
  • denijane - Jan 20, 2009
    • Rank: 5 / 5 (2)
    The moral? Use Linux :)
  • PB94941 - Jan 20, 2009
    • Rank: 1 / 5 (1)
    my main pc still runs windows and will do until Linux becomes more compatible. If you get decent anti virus (Nod32) and don't go on dodgy websites you will be fine. I only use Linux on my computers that are not top spec.
  • CreepyD - Jan 20, 2009
    • Rank: not rated yet
    We've had this virus at work, it's a right pain in the rear. We've spent hours removing it from having it on just a small handful of PC's.
    If they catch who made it, they should be hung or something for wasting millions of man hours.

January 19, 2009 all stories

Comments: 10

4.9 /5 (11 votes)
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Help! How to avoid fast-moving computer worm
    created Jan 28, 2009 | popularity not rated yet | comments 0
  • Networking: Human error largely to blame
    created Apr 17, 2006 | popularity not rated yet | comments 0
  • Good hackers meet to seek ways to stop the bad hackers
    created Sep 30, 2009 | popularity not rated yet | comments 0
  • Ants vs. worms: New computer security mimics nature
    created Sep 25, 2009 | popularity not rated yet | comments 0
  • Security researchers offer caution on smart grids
    created Jul 31, 2009 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • I wanna build a robot!
    created 6 hours ago
  • Finding Max Moment for triangular load
    created 22 hours ago
  • Dehumidifier from a walk-in freezer unit?
    created Nov 10, 2009
  • Cloak of invisiblity , what kind of applications can it be usefull for
    created Nov 09, 2009
  • More from Physics Forums - General Engineering

Other News

Creating 3D models with a simple webcam

Creating 3D models with a simple webcam (w/ Video)

Technology / Computer Sciences

created 3 hours ago | popularity 5 / 5 (6) | comments 1

(PhysOrg.com) -- Constructing virtual 3D models usually requires heavy and expensive equipment, or takes lengthy amounts of time. A group of researchers at the University of Cambridge, Qi Pan, Dr Gerhard Reitmayr ...


Bing logo

Microsoft brings more Web data to Bing results; teams up with WolframAlpha

Technology / Internet

created 2 hours ago | popularity not rated yet | comments 0

(AP) -- Microsoft's Bing search service will pull more information and tools from other Web sites as the company tries to distinguish itself as part of its challenge to market leader Google.


Google Wave Client

Many computer users hesitate to ride the Wave

Technology / Internet

created 2 hours ago | popularity not rated yet | comments 2

Google's latest brainchild, Google Wave, is all the rage among bleeding-edge technology enthusiasts. But corporate information technology executives say that while they're intrigued by Wave -- a replacement ...


Google is routing World Bank data to fact seekers

Google routes World Bank data to fact seekers

Technology / Internet

created 1hour ago | popularity not rated yet | comments 0

Google is adding World Bank figures to Internet results in a bid to make hard facts about countries worldwide easier to find.


Google Go

Google Go gets going (w/ Video)

Technology / Software

created 13 hours ago | popularity 4.8 / 5 (4) | comments 4

(PhysOrg.com) -- Google has introduced its new experimental programming language Go, which aims to combine speedy application development through simplified coding with high-speed program execution.




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter