Conficker worm strikes 4 percent of PCs

**Glaswegian** · 04-03-2009, 01:43 PM

Security experts at IBM have said that the impact of the Conficker.C worm may be higher than previously thought.

After scanning 2 million computers over the past 24 hours, IBM's Internet Security Systems (ISS) division said Thursday that it had spotted the worm on 4 percent of the IP addresses it monitored.

Although Conficker is clearly the worst worm outbreak in years, the results came as a surprise, according to Holly Stewart, a threat response manager with ISS. "It is higher than what we expected; I thought we'd see 1 to 2 percent," Stewart said.

Late last week, IBM researchers reverse-engineered Conficker and figured out a way to track infections by measuring peer-to-peer traffic on the network. They used that technique to reach their estimate.

The results are similar to numbers released earlier this week by OpenDNS, which said it had also spotted a much larger number of infections than expected. Both IBM and OpenDNS' numbers count Conficker.C, the latest variant of the worm, and one that is easier to spot communicating on the network.

Conficker began spreading in October 2008, using a handful of sneaky tricks to spread. Once it infects a machine, it can spread very quickly on a local area network by taking advantage of a now-patched flaw in Microsoft Windows.

http://www.techworld.com/security/ne...&NewsID=113831

04-03-2009, 01:43 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,393 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Conficker worm strikes 4 percent of PCs Security experts at IBM have said that the impact of the Conficker.C worm may be higher than previously thought. After scanning 2 million computers over the past 24 hours, IBM's Internet Security Systems (ISS) division said Thursday that it had spotted the worm on 4 percent of the IP addresses it monitored. Although Conficker is clearly the worst worm outbreak in years, the results came as a surprise, according to Holly Stewart, a threat response manager with ISS. "It is higher than what we expected; I thought we'd see 1 to 2 percent," Stewart said. Late last week, IBM researchers reverse-engineered Conficker and figured out a way to track infections by measuring peer-to-peer traffic on the network. They used that technique to reach their estimate. The results are similar to numbers released earlier this week by OpenDNS, which said it had also spotted a much larger number of infections than expected. Both IBM and OpenDNS' numbers count Conficker.C, the latest variant of the worm, and one that is easier to spot communicating on the network. Conficker began spreading in October 2008, using a handful of sneaky tricks to spread. Once it infects a machine, it can spread very quickly on a local area network by taking advantage of a now-patched flaw in Microsoft Windows. http://www.techworld.com/security/ne...&NewsID=113831 __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner