Categories: PCSecurityWorkspace

Conficker USB Worm Spreading Quickly

According to a warning issued today by PandaLabs, some six percent (115,000-plus) of the two million computers that it has scanned for the virus in the last week or so have tested positive for Conficker, which is propagated via infected USB memory devices, including MP3 players.

PandaLabs said that the spread of the attack has been fairly ubiquitous worldwide as well, with infections showing up on machines in 83 countries. Over 18,000 machines carrying the threat were found inside the U.S. alone. The company said there were concentrated pockets of affected computers in Brazil, Mexico, Spain and Taiwan as well.

Based the results found within its test group, the company is speculating that Conficker is potentially resident on millions of machines in total. The scope of the attack harkens back to the heyday or massive worm outbreaks in years past, the experts observed.

“Of the two million computers analysed, around 115,000 were infected with this malware, a phenomenon we haven’t seen since the times of the great epidemics of Kournikova or Blaster,” Luis Corrons, Technical Director of PandaLabs, said in a report summary.

“This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels. The outbreak of this worm really highlights the need for users to establish strong passwords both on personal computers and corporate networks, as otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers,” Corrons said.

In addition to the tainted USB angle, PandaLabs said it has also discovered that some variants of the threat are launching brute force attacks that can lift passwords from infected computers, and from internal networks.

The researchers highlighted the fact that the attack is also using an innovative social engineering tactic to spread via USB. After someone attaches an infected device and the Windows options menu appears, Conficker is launched when someone merely attempts to open the folder to see what files the USB holds.

Pointing to the relevance of a Roger Thompson argument I blogged about yesterday, PandaLabs is speculating that “the frequency of weak passwords (common words, own names, etc.) has aided the distribution of this worm.”

Ah, the more things change the more they stay the same, eh? Real live non P2P botnet worm viruses in the wild, it makes me reminiscent for 2003 all over again.

But boy, hasn’t Anna Kournikova’s star faded in just a few short years?

Matthew Hines eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Share
Published by
Matthew Hines eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved.

Recent Posts

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

2 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

4 hours ago