Category: stone age

How Serious is the Downadup.b/Conflicker Worm?

Paul

In there latest post F-secure has updated how many people are infect and I’ll quote:

Today’s calculation is a total of 8,976,038 infections worldwide and 353,495 unique IP addresses.

That’s a quite a big difference compared to our last number — there will be a follow up post coming soon to explain the methodology.

[Via F-secure]

F-secure has noticed it went up from 3,521,230 infections worldwide. This Worm has doubled in over a day.  So I have done some twitter searching to see if anyone has recently tweeted about this and I find this one comment:
[ad#ad2-right]

WTF? suddenly my antivirus is popping with warnings about a W32.Downadup.B … but I havent received any attachs or installed anything!

[Via Twitter Mklopez]

I’d thought I show you how important it is for you to get ready for a very hard fight ahead of yourselves.  You see this hasn’t even begun with this worm.

Here’s are some of the tweets:

2 customers, have this conflicker.worm problem and we are trying every possible solution but nothing turned out to be solved

[Via Twitter  Candegger]

@carnal0wnage Hey happy new year, what malware one of my clients just had a large outbreak of the conflicker virus, pretty good virus

[Via twitter MarcoFigueroa]

[ad#ad2-right]This worm doesn’t need to be downloaded because it will use exploits that are currently unpatched in the systems .  This worm seems to be spreading by USB sticks and you should really turn that off. If you think you’ve gotten this virus, please check out my Malware Resources and also some of the other post about this worm:

I hope these resources help you fight that worm and help people get your system back to normal.

Check out my other Posts about Conflicker/Downadup Worm.

Blasting the Downadup.b/Conflicker back to the Stone-age!

Paul

It has been talked about the last few days where there is a worm hitting the computers who haven’t done the Microsoft Update MS08-067 which was release out of cycle and still have some systems has not been patched.  It has also been reported that it is spreading around the internet really quickly.   According to Computer World:

[ad#ad2-right]The worm, which was first reported by Panda and other security companies on Dec. 31, 2008, exploits a vulnerability in the Windows Server service that’s part of all currently supported versions of Microsoft’s operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008.


[via Computer World]

It seems Microsoft has scolded people who haven’t patched for the October emergency update. Accusing users of playing “Russian Roulette”  and scolding them for not promptly updating their system to remove the vulnerability.

Symantec Blogged about this security of this program and how it was a variant of Downadup.b.  It also talks about how they are seeing an even more increase on this worm that was supposed to be patched by people who use Windows 2000 Server.

[ad#ad2-left]F-secure did a post about Downadup/Conflicker and how they took an Preemptive domain block list for this worm.   They have also seen an increase in this worm and they are trying to prevent this worm from gaining ground.   Talking about this being a network worm, in more ways then one.  Some have even seen it being sent through USB drives.   If you have a system you want to protect you should stop autorun.

Here are some links to better help you get this worm off your system:

In order to remove this worm, you must do a complete system scan with any of the free virus scanning programs.  You’ll need to update your virus database before you do the scan.  You may even want to try the free virus scanners tha are online to get rid of this worm.   These should help you get rid of this worm, but you must remember to install the update or you will get the worm again.  The MS08-067 Patch should be installed as soon as possible you can find the patch here.