netdef (![[info]](http://l-stat.livejournal.com/img/userinfo.gif){kind=small} netdef) wrote,@ 2009-01-16 17:13:00 |
|
I told you so! Conficker Worm spreading ~ 10 Million computers in a week.
I always wanted a post title like that . . .
The Conficker Worm is making it's rounds and may very well become the most aggressive and fastest spreading malware in history with a truly nasty payload. I'm not going to count the Melissa Virus or the "I Love You" Virus of a few years ago, because as rampant as they were, their payload was relatively benign.
This new worm takes advantage of a multi-pronged attack to infect new victims. It's first intent is to create a new BotNet and "zombify" your computer. It's other mission is to steal passwords, personal info and account information in an attempt at mass identity theft.
It's using a vulnerability in Windows that was patched last month by Microsoft as the primary vector, then it attempts to use AutoRun on USB drives as well as a brute force Administrator account password hack once it gets inside a local area network.
So if you haven't yet, get patched completely to the most up to date versions you can, and turn off AutoRun on your clients and servers, and make sure all accounts on your systems that have Admin rights also have strong passwords. Even if you are using a home computer behind a firewall, make sure your account has a password.
More info here:
http://www.pcworld.com/article/157876/p
I always wanted a post title like that . . .
The Conficker Worm is making it's rounds and may very well become the most aggressive and fastest spreading malware in history with a truly nasty payload. I'm not going to count the Melissa Virus or the "I Love You" Virus of a few years ago, because as rampant as they were, their payload was relatively benign.
This new worm takes advantage of a multi-pronged attack to infect new victims. It's first intent is to create a new BotNet and "zombify" your computer. It's other mission is to steal passwords, personal info and account information in an attempt at mass identity theft.
It's using a vulnerability in Windows that was patched last month by Microsoft as the primary vector, then it attempts to use AutoRun on USB drives as well as a brute force Administrator account password hack once it gets inside a local area network.
So if you haven't yet, get patched completely to the most up to date versions you can, and turn off AutoRun on your clients and servers, and make sure all accounts on your systems that have Admin rights also have strong passwords. Even if you are using a home computer behind a firewall, make sure your account has a password.
More info here:
http://www.pcworld.com/article/157876/p
