Downandup/Conficker worm infects 9 million PCs

Sheila · Jan 21, 2009

http://tech.yahoo.com/blogs/null/116396

Judging from the complaints and questions filling my inbox, Windows security looks like it's already on track for its worst year this decade. The latest attack is a worm called Downandup, Downadup, Kido!, or Conficker (all the same thing), and it primarily seems to be being delivered via infected USB drives.

How's it work? By tricking you into running the virus by modifying the way "autorun" works when you plug in a drive. Look closely at the screenshot above and you'll see two entries for "Open folder to view files." The one at the top is a phony entry that actually installs the virus on your machine... but of course it's the default selection that pops up when you plug in a drive. Once installed, the virus spreads like crazy via a separate flaw in Windows networking system (now patched, so be sure to run Windows Update if you haven't lately) and can quickly infect a whole office. F-Secure has more analysis on the clever way it tricks you into installing the malware yourself.

How bad has it gotten? Estimates range from 3.5 million infected in the first four days after it bean spreading to 9 million impacted... and gettng worse. By now I figure the numbers could top 15 or 20 million...

Click on the link for more info.

Hound dog · Jan 21, 2009

Wow. Not good.

Now see......I'd never have chosen that first option because it had "install" in the title. That would've made me suspicious right away.

Did have something wierd happen in the computer lab at school today though........ I'd gone in there to print out some lectures for my online classes. Got on a computer, put in my user name and password. Clicked on the site I needed, went to go into blackboard...only it suddenly decided to pop an add up to purchase more security for Windows??

Lucky for me the computer tech guy was already in the room. I went straight to him without touching anything. He had me try twice more while he watched. Then he tried. I dunno what was going on, if it was a virus or what, but it surely was weird.

Marguerite · Jan 21, 2009

I looked tihs up and found the Symantec link. Here it is:

http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-010717-4209-99

This link proves that this is not a hoax and also gives tips on how to deal with the problem.

For so many reasons, we have gone to great pains in our household to be free of Microsoft software. That way, any holes that could be exploited are not an issue for us.

Not useful info for those who havne't done this, however.

husband & I are able to read Microsoft files easily, but they get opened in something else. We can save to a Microsoft file so someone with Microsoft can read what we write.

I can't recall the last time we had a virus cause us trouble. Years, certainly.

husband gets them in the PCs at work, his own Mac laptop is the back-up and safe repository in those events. If everything ever goes down in his department, it will be a disaster. It has often gone down entirely in the easy child network, but his little laptop soldiers on and so they can still function until everything else has been repaired and is back in business.

You can get Mac viruses, but tey are rare. The chance of the Mac getting a virus at the same time as PCs get a virus - very remote. And the same virus couldn't affect both. They are just too different in operating systems.

Marg

janebrain · Jan 22, 2009

Well, I am so attuned to this site that I thought you were talking about our easy child kids! I thought a bunch of our kids were infected with some worm!
Jane

Star* · Jan 22, 2009

Thanks Sheila - EXCELLENT find
Thanks Marg - Another great source

Our office was recently hit with the virus that LOOKS like an AVG update. It pops up and tells you YOU HAVE VIRUSes, you must run this program. If you run it - it's a mess. A file will eventually pop up and ask you to download a "fix" for $39.99 - and when you run that "fix" ? You are actually downloading a fatal error type virus. Once in? It's not totally unfixable but if you don't know what to do and take it to a shop? Most will just wipe your drives clean to make sure they are getting it all. UGH.

It's very close to that Smitfraud virus that is going around.

How to avoid it? If you have AVG? The colors for THEIR log are Yellow top left, black top right, green bottom left, red bottom right.......look at the logo that pops up - if it isn't like that? SHUT DOWN and restart your computer....

It masks itself as the AVG antivirus and has a gold shield like Microsoft update.

*************

This thing looks awful.

TerryJ2 · Jan 22, 2009

Very interesting. Thank you.

LOL, Jane!

Hound dog · Jan 22, 2009

download a "fix" for $39.99

Star, that's exactly the one that popped up on me at school!! OMG!!! So glad it was the school's computer and not mine.......and that I was just printing things off, not using a usb drive. Nichole has been warned that under no circumstances is she to place a usb drive into their computers.

Estherfromjerusalem · Jan 22, 2009

Jane, you are not alone. I thought exactly the same thing!!

Love, Esther

JJJ · Jan 22, 2009

Jane & Esther - my first thought as well! LOL

Downandup/Conficker worm infects 9 million PCs

Sheila

Moderator

Hound dog

Nana's are Beautiful

Marguerite

Active Member

janebrain

New Member

Star*

call 911........call 911

TerryJ2

Well-Known Member

Hound dog

Nana's are Beautiful

Estherfromjerusalem

Well-Known Member

JJJ

Active Member