Jump to content
Sign in to follow this  
Thomas.

Number of Windows' Viruses Skyrockets

Recommended Posts

There is some sort of worm on Windows computer software that is spreading, fast. I was reading a BBC article on it a few minutes ago. The worms "Conficker", "Downadup" or "Kido" were all discovered in October 2008 and have been multiplying ever since. I didn't know where to put this but because it is largely to do with computers, I posted it in here instead of serious chat.

Infections of a worm that spreads through low security networks, memory sticks, and PCs without the latest security updates is "skyrocketing".

The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008.

Anti-virus firm F-Secure estimates there are now 8.9m machines infected.

Experts warn this figure could be far higher and say users should have up-to-date anti-virus software and install Microsoft's MS08-067 patch.

In its security blog, F-Secure said that the number of infections based on its calculations was "skyrocketing" and that the situation was "getting worse".

Speaking to the BBC, Graham Cluley, senior technology consultant with anti-virus firm Sophos, said the outbreak was of a scale they had not seen for some time.

"Microsoft did a good job of updating people's home computers, but the virus continues to infect business who have ignored the patch update.

"A shortage of IT staff during the holiday break didn't help and rolling out a patch over a large number of computers isn't easy.

"What's more, if your users are using weak passwords - 12345, QWERTY, etc - then the virus can crack them in short order," he added.

"But as the virus can be spread with USB memory sticks, even having the Windows patch won't keep you safe. You need anti-virus software for that."

Method

According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.

It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service.

Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Most malware uses one of a handful of sites to download files from, making them fairly easy to locate, target, and shut down.

Read the rest of the story by clicking here.

Share this post


Link to post
Share on other sites

Ok, they should have came up with more ways to keep your computer prone to the virus(es) but ok.

Thanks for this, I'm updating everything as I type.

"What's more, if your users are using weak passwords - 12345, QWERTY, etc - then the virus can crack them in short order," he added.

This doesn't concern me unless I have the virus, right? D:

Share this post


Link to post
Share on other sites

The thing is, you might not know you actually do have the virus. Many software for detecting such viruses are out of date and may not even recognise it as a virus. Just be aware for now until something is done about it.

Share this post


Link to post
Share on other sites
Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Rofl. That's awesome. Better install an A-V :P.

Share this post


Link to post
Share on other sites

I don't need to watch out from it,i have KIS.Only if it's really bad then i'll put my web anti-virus and firewall(in the AV,of course)to high warning level.

Thanks for the heads up anyway.

Edited by XLR8

Share this post


Link to post
Share on other sites

Do you have the lastest version of AVG or whatever you use - If you're using Norton then I'll laugh - because if you don't you're not likely to be "safe".

As the news article said, not even the latest windows patch can get rid of it. The viruses travel quite easily through memory sticks and USB ports. It's not actally a big worry, unless you go on some fairly indecent sites and programs then you may get it quite easily. At least 1 in 22,000 of us will have it considering how many people do actually use computers and how many have been infected (Over 8 million).

Share this post


Link to post
Share on other sites

KIS is actually Kaspersky Internet Security,you know,top 2 AV.I remember a similar virus that spreaded with removable drives(usb's,dvdrw etc.)that my friend had on his usb,can't remember the name tho.

Share this post


Link to post
Share on other sites
Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site.

Rofl. That's awesome. Better install an A-V :P.

I think I might actually install AVG Internet Security. See how that goes.

--> Tut tut tut. Don't look here...:o

Message from Llama: Predicatble ice 'acquiring' software, tut tut tut. I R NINJA U SPOILA TAGS.

<-- Please don't look there. :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×