Internet security experts are growing increasingly worried about a new worm that is infecting millions of computers around the globe. The infection, known as “Conficker” or “Downadup,” is spreading through a recently uncovered vulnerability in Microsoft Windows. So far the worm has infiltrated business, government and personal networks, as well as consumer devices such as USB memory sticks.
Though it first appeared in October, Conficker has exploded in recent weeks. The rapid spread of the worm seems to be “the first step of a multistage attack,” according to the New York Times. Experts don’t yet know what the worm is designed to do, but fear the worst is yet to come.
Unlike viruses, worms do not need to attach themselves to applications to spread. Instead, they infect large numbers of computers to form so-called “botnets,” which can then execute malicious orders from hackers.
Conficker exploits the MS08-067 vulnerability in Microsoft Windows, which allows it to guess weak passwords and thereby infiltrate networks. An estimated 9 to 10 million computers have now been infected, most during the last week. Microsoft released a patch for the vulnerability in October, but an updated version of Conficker seems to be immune to the fix.
Conficker is the most potent worm to appear in years, and experts are comparing it to Blaster, the notorious worm that in 2003 snarled hundreds of thousands of computer systems, including banking and transportation networks.
This worm could cause similar mischief. According to the Register, it has “hit a Sheffield hospital and is suspected of infecting UK Ministry of Defence systems, including local area networks on warships.”
But as the Associated Press points out, the worm may be a dud: “The virus doesn’t appear to be working as its designers intended. F-Secure’s chief security adviser, Patrik Runald, said the virus’s coding suggests a type of bug that alerts computer users to bogus infections on their machines and offers to help by selling them antivirus software. Instead, the virus is simply spreading to little effect, though it may still pose a threat to infected computers.”
If this all sounds a bit familiar, it is. Global worms that infect millions of computers sound pretty horrific, and tend to generate a good deal of buzz as they spread. But with rare exceptions, most turn out to be relatively benign. One admittedly cynical reporter in Detroit went so far as to allude to a conspiracy theory, wondering “if the antivirus software makers don’t have a financial need to somehow get together and get everybody so worked out that they rush out to buy more software.”
Yet security experts seem genuinely worried about Conficker. Rick Wesson, chief executive of Support Intelligence, a computer security consulting firm in San Francisco, told the New York Times, “If you’re looking for a digital Pearl Harbor, we now have the Japanese ships steaming toward us on the horizon.”

