Downadup Worm — When Will the Next Shoe Drop?
alphadogg writes "The Downadup worm — also called Conficker — has now infected an estimated 10 million PCs worldwide, and security experts say they expect to see a dangerous second-stage payload dropped soon. 'It has the potential to infect about 30% of Windows systems online, a potential 300 to 350 million PCs,' says Don Jackson, director of threat intelligence in the counter threat unit at SecureWorks. The worm, first identified in November and suspected to have originated in the Ukraine, is quickly ramping up, and while Downadup today is not malicious in the sense of destroying files — its main trick is to block users from accessing antivirus sites to obtain updates to protect against it — the worm is capable of downloading second-stage code for darker purposes."
".. that I can't get Windows apps to do what I want without crashing, but it runs teh evil viruses perfectly?"
Because there is a 100% correlation between a virus crashing and a virus writer's lost profit. With most legitimate software, a crash leaves only one practical option: keep using the crapware and hope it doesn't crash again.
"while Downadup today is not malicious in the sense of destroying files"
How quaint! The idea that someone might infect millions of PCs just to delete people's files is so 20th century.
"Wise men talk because they have something to say; fools, because they have to say something" - Plato
The both of you should probably add "that you know of".
The reality is that Linux boxes are highly prized. Their owners frequently have high speed connections and Linux can do all sorts of fun things.
Linux isn't perfect. There have been any number of security issues that would allow a knowledgeable hacker easy access. It all depends on if you kept your systems up to date and patched, didn't set up and allow unnecessary services, had a good firewall policy with a default deny/drop stance, etc.
Linux comes out of the box now pretty secure but it hasn't always. And individual user habits can also compromise a system. Add to that the fact that one of the big ways into a system now is through add-on things like Flash and such, and the knowledge that there have been kernel bugs that let user applications get root with a single command (things like vmsplice), and there is a possibility that your Linux boxes are rooted and you just don't know it.
For the record, I run Linux almost exclusively and am no fan of Windows. But people need to understand that just running Linux is not a guarantee of safety. I'm also not questioning your capabilities. It's just that blanket statements about Linux security should probably be qualified.
Why bother?
Linux is free, and it's easier to learn Linux than how to keep Windows clean.
"I've got more toys than Teruhisa Kitahara."
A better counter is not to click links posted by anonymous idiots.
POKE 36879,8