Downadup Worm
Results 1 to 7 of 7

Thread: Downadup Worm

Hybrid View

  1. #1
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Downadup Worm

    Here is a new (9-Jan-2009) domain blocklist for the Downadup Worm, courtesy of F-Secure:

    http://www.securityfocus.com/blogs/1566



    More info and a link to a disinfection tool here:

    http://www.f-secure.com/weblog/archives/00001574.html
    Last edited by nihil; January 11th, 2009 at 12:53 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    348
    Hi Nihil,
    Been away for a month from computer (my new world record) and read this article today in our newspaper :
    http://www.news.com.au/heraldsun/sto...10-663,00.html
    I can see you posted on 9/jan, look like things go little bit slower here.
    Any obvious signs to look into?

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Here is some more recent news:


    http://www2.journalnow.com/content/2...omputers/news/

    It is estimated that some 9million computers have been affected so far.

    http://www.news.com.au/technology/st...014239,00.html

    http://www.computerworld.com/action/...ource=rss_news
    Last edited by nihil; January 24th, 2009 at 08:05 PM.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  4. #4
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Update

    OK make that 10,000,000 and rising. Pundits are now predicting a phase 2 payload distribution.

    The Downadup worm—also called Conflicker—has now infected an estimated 10 million PCs worldwide, and security experts say they expect to see a dangerous second-stage payload dropped soon.
    More here:

    http://www.privacydigest.com/2009/01...next+shoe+fall

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  5. #5
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,053
    Aye according to Panda 1 in 16 are infected, I wonder if that is a record?!

  6. #6
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I hear that it is now at 15,000,000. In "raw scores" that probably is a record, as I think that the Storm worm got to around 10,000,000.

    It is difficult to make comparisons though, as the computer population and number of internet users has been growing exponentially. With that there has been a proportionate increase in the number of people using pirated/unpatched software?

    It does seem to be slowing up though.

    The Microsoft Malicious Software Removal Tool now detects it.
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  7. #7
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190

    Talking Get Snorting

    I am posting this here rather than as a new thread.

    COLUMBIA, Md., January 29, 2009 - Open source innovator and SNORT' creator, Sourcefire, Inc. (Nasdaq:FIRE), a leader in Enterprise Threat Management, today announced that its customers and Snort users have had zero-day protection from the rapidly spreading W32.Downadup/Conficker worm.
    The article is here:

    http://www.darkreading.com/security/...leID=213000041

    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Sasser worm begins spreading
    By SDK in forum Microsoft Security Discussions
    Replies: 10
    Last Post: May 4th, 2004, 07:30 AM
  2. SANS WebCast: SQL Slammer Worm, Complete with expert commentary
    By xmaddness in forum Microsoft Security Discussions
    Replies: 0
    Last Post: January 27th, 2003, 11:18 PM
  3. SQL Sapphire Worm Analysis
    By s0nIc in forum AntiVirus Discussions
    Replies: 2
    Last Post: January 27th, 2003, 12:23 PM
  4. New Worm in the Wild "Winevar"
    By prodikal in forum AntiVirus Discussions
    Replies: 3
    Last Post: November 28th, 2002, 03:25 AM
  5. Researchers predict worm that eats the Internet in 15 minutes
    By prodikal in forum AntiOnline's General Chit Chat
    Replies: 6
    Last Post: October 24th, 2002, 11:03 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •