Trend Micro (TSE: 4704), a global leader in Internet content security, announced today that it has been informed of a worm which is spreading like wildfire. The worm is called Downadup, or Conficker, and self-propagates by exploiting a Microsoft vulnerability. It is reported that 8.9 million computers have already been affected globally.
Rik Ferguson, Solutions Architect, Solution Service & xSP Business Development, Trend Micro, comments: "From our perspective this is interesting because this 'old school' worm has a command-and-control structure that the victim machines call out to. It's essentially a hybrid of old and new techniques, and we are concerned this could be the first step in the creation a massive botnet."
The worm has been in the wild since late November of 2008. According to the officials, the problem is global. Infections have been seen in North America, Asia, Europe, South America, Australia and New Zealand and Africa, and the problem is still growing.
"There are three main reasons why this worm is able to spread so effectively. The first and most important being unpatched machines, so recommendation number one, keep your machines up-to-date with all available patches at all times. It also spreads through removable media and network shares via autorun files. It is standard security practice to disable the autorun feature in Windows. Finally, it also tries to replicate through brute force password cracking attempts, so enforce strong password policy on all user accounts," suggests Ferguson. Consumers are also advised to check the Trend Micro Safe Computing Guide:
http://us.trendmicro.com/us/threats/home-user/preventing-intrusions/safe-computing-guide/
With the Smart Protection Network and the latest Trend Micro Engine and Pattern files, Trend Micro can provide detection for this worm in the cloud and at the gateway, server and end-point.
Share