“Downadup” Computer Virus Infects Millions Worldwide

January 26, 2009 02:36 PM
by findingDulcinea Staff
The Downadup worm, also known as Conficker and Kido, has affected 6 million PCs in just the past three days, according to British officials.

Downadup Virus Attacking Computers at Rapid Pace

The virus, which was first discovered in China in October 2008, has so far spread to 83 countries, particularly the U.S., Spain, Taiwan, Brazil and Mexico. Panda Security, which has scanned 2 million computers for the disease, is calling the outbreak “an epidemic,” estimating that about 6 percent of computers worldwide have been infected.

Estimates on the number of infected computers range from 8 to 15 million, according to United Press International. But Helsinki-based Internet security software firm F-Secure predicts that the virus has reached its peak.

Downadup works by exploiting a bug that was patched last year in Microsoft Security Update MS08-067, as most of the infected machines run on Windows XP. It uses a complex algorithm to extract passwords from computers. The virus can also be spread by USB memory devices such as USB drives or MP3 players.

“This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels,” Luis Corrons, technical director of PandaLabs, said according to PC magazine. “The outbreak of this worm really highlights the need for users to establish strong passwords.”

It is not yet known what the virus’ purpose is and what its effect will be, or whether it was created to cause damage or simply to “demonstrate the originator’s skill,” reports United Press International. Experts say that its effect could be devastating, as it could allow cybercriminals to take control of all of the infected PCs.

“It is scary thinking about how much control they [a hacker] could have over all these computers. They would have access to millions of machines with full administrator rights,” said Mikko Hypponen, chief research officer for F-Secure, a Finnish Internet security firm, to The BBC.

The security firm Symantec claims that computers in North America have seen fewer infections than other regions, which it speculates is due to the fact that countries such as China, India and Russia use a higher percentage of pirated software.

Reference: How to protect yourself

Microsoft’s Help and Support Center has detailed information on the virus, its symptoms and how to remove it. If you haven’t already, download the Microsoft patch MS08-067.

Tech blogger Graham Cluley lists passwords used by the worm to spread—mainly dictionary words, commonly used words such as “password,” and sequences of letters or numbers—and advises computer users to create better passwords.

In general, the Internet is a vast, virtual city filled with people—some of them honest, others less so. To avoid predators of all types, find the information and safeguards you need to safely stroll the streets of the electronic world using findingDulcinea’s Web Guide to Internet Security.

Most Recent Beyond The Headlines