Tue, 02/10/2009 - 21:01 — Igor Donchenko
The number of computers infected by the Conficker worm continues to grow, according to data from PandaLabs. A study carried out by PandaLabs revealed that almost 6 percent (5.77%) of computers worldwide are infected by this worm. The study, involving almost 2 million computers, shows that the infection, which originated in China, has now extended across 83 countries, and is particularly virulent in Spain, the USA, Taiwan, Brazil and Mexico.
“Of the 2 million computers analyzed, around 115,000 were infected with this malware, a phenomenon we haven't seen since the times of the great epidemics of Kournikova or Blaster”, says Luis Corrons, Technical Director of PandaLabs. “This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels”.
PandaLabs’ researchers have also turned up new data on this dangerous worm. Some variants are launching brute-force attacks to extract passwords from infected computers and from internal networks in companies. The prevalence of weak passwords (common words, personal names, etc.) has aided the distribution of this worm. By harvesting these passwords, cyber-crooks can access computers and use them maliciously.
“This highlights the need for users to establish strong passwords both on personal computers and corporate networks, as otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers”, explains Corrons.
This worm also uses an innovative system of social engineering to spread via USB devices. In the Windows options menu that appears when a USB device is inserted, it disguises the option to run the program (which activates the malware) as the option to open the folder to see the files. Users who simply want to see the contents of a memory stick will therefore actually be running the worm and infecting their computers.