New Windows Worm-Attack Most Severe in Recent Times

btarunr · Jan 17, 2009

Some of the most severe worm attacks in memory include the infamous w32.nimda, w32.sasser and w32.blaster: all pieces of software affecting Windows PCs, and their ever-fragile defenses against new-forms of malware. Enter Downadup aka Conficker worm. This worm targets Windows PCs and servers. Mikko Hypponen, chief research officer at anti-virus firm F-Secure points out to the possibility of this new worm originating from Ukraine, after the security software firm reverse-engineered the virus. It is said to have a unique "phone back home" property that makes it potentially dangerous to let stay on an infected machine, as it could steal and send back vital/confidential data. The worm transmits itself across local networks and the wide-area networks over internet, scanning for and infecting as many machines as it finds. Microsoft on its part had dispatched a security update for all its current Windows operating systems (MS08-067) that fixes the vulnerability the worm takes advantage of, available via Microsoft Update.

The infection rate of this worm is severe to very-severe. Corporate networks are the worst hit despite them - usually - having the best security measures in place. "On Tuesday there were 2.5 million, on Wednesday 3.5 million and today [Friday], eight million, It's getting worse, not better." said F-Secure's Hypponen. The makers of the worm have put in a great deal of work to ensure it is difficult to detect and remove. Not much more is known about the purpose of this worm, except that it steals data and replicates itself at phenomenal rates. While the worm doesn't send itself stray over the internet or by e-mail, for home and corporate networks, it immediately scans and discovers new machines to infect. The worm also has the intelligence to guess passwords for password-locked shares. The best way to counter this worm is by securing your networks, downloading and applying Microsoft's patch to all machines of the network, and setting tough, long alphanumeric passwords for your network resources such as routers and shares. Individual machines are easy to disinfect, but not large corporate networks with layers of security. The problem is for companies with thousands of infected machines, which can become re-infected from just one computer even as they are being cleared.

View at TechPowerUp Main Site

exodusprime1337 · Jan 17, 2009

thanx btarunr for posting this, good information to have early. makes me wonder why more people aren't forum browsers. you get info pretty quick here.

kenkickr · Jan 17, 2009

Their to caught up with Facebook, MySpace, and IMVU!! All junk if you ask me!

Mussels · Jan 17, 2009

sigh. another reason to insist my housemates get an antivirus. They seem to think that by not clicking email attachments they're safe.

So far, there is no windows update in windows 7 beta unless it was included in the one for windows defender.

insider · Jan 17, 2009

Corporate networks have the best security measures? :laugh:

There is nothing on my XP64 windows update page, was the patch just released today, or might I have already installed it 2-3 days ago?

mlee49 · Jan 17, 2009

btarunr said:
... and setting tough, long alphanumeric passwords for your network resources such as routers a...

Thats how I have my router, my phone 10 digit phone number is my pass.

Mussels · Jan 17, 2009

kaspersky linked me to here

http://www.viruslist.com/en/alerts?alertid=203996089

insider: corporate networks are more secure than the average home network... in theory at least.

Weer · Jan 17, 2009

I used to be afraid of viruses. Now I just keep the Windows install disk handy.

Mussels · Jan 17, 2009

mlee49 said:
Thats how I have my router, my phone 10 digit phone number is my pass.

and you just failed at security, for telling people who know you what your password is.

passwords should always contain letters and numbers, and if you want it secure use symbols and a mix of capital and lower case letters.

http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Microsoft page with links to the updates to block the worm.

FordGT90Concept · Jan 17, 2009

insider said:
Corporate networks have the best security measures?

There is nothing on my XP64 windows update page, was the patch just released today, or might I have already installed it 2-3 days ago?

Yeah, I got I think three updates a day or two ago on XP64/Server 2k3 x64. I don't know if it addresses this problem though. :confused:

Mussels · Jan 17, 2009

according to the link i listed above, MS was made aware of this a month or two ago and worked on a fix.

Assume that if you are upto date with windows updates and you have a real antivirus, that you are safe.

insider · Jan 17, 2009

I think it might have been released a few days ago on the update site, either way it won't be able to infect our standalone/small LAN systems assuming you configure it like mines

mlee49 · Jan 17, 2009

Mussels said:
and you just failed at security, for telling people who know you what your password is.

passwords should always contain letters and numbers, and if you want it secure use symbols and a mix of capital and lower case letters.

If you can find my phone # you deserve access to my router. I never said which phone number I use, nor the exact order now did I

Mussels · Jan 17, 2009

mlee49 said:
If you can find my phone # you deserve access to my router. I never said which phone number I use, nor the exact order now did I

one of my friends did the same thing, bragging how it was based on his phone number. didnt take me long to get his housemates mobile, and grab the house and mobile numbers from it and get access to his router and internet..
Dont forget that hackers/some viruses have automated tools - if they know its based on your phone numbers they can just add those and let a brute force attacker do the rest.

I generate my passwords with uhh, quantum physics calculations and uhh.. klingon proverbs. hack that

(misidrection ftw!)

Castiel · Jan 17, 2009

I just found a update and I am installing now.

mlee49 · Jan 17, 2009

Mussels said:
one of my friends did the same thing, bragging how it was based on his phone number. didnt take me long to get his housemates mobile, and grab the house and mobile numbers from it and get access to his router and internet..
Dont forget that hackers/some viruses have automated tools - if they know its based on your phone numbers they can just add those and let a brute force attacker do the rest.

I generate my passwords with uhh, quantum physics calculations and uhh.. klingon proverbs. hack that (misidrection ftw!)

Yeah most virus' run massive barrages of attempts to hack a password, but a 10 digit number has millions of variants that would take an abnormally long time to crack. Even if you knew the 10 numbers it would take a crazy long time.

I'll reconsider my password as now I feel inferior to your quantum physics calculations. :wtf:

Password fail is normally due to people having the same password for multiple accounts, I know people that use the same password for multiple access points and this is screaming total rape if someone cracked their pass.

Delta6326 · Jan 17, 2009

well that sucks for whom ever gets it but im pretty sure i can't get it, if im right i really cant get any virus my internet comes from a metal rod on my roof and i get internet from cell towers and my ip changes all the time, but i really don't know a lot about worms or viruses or how you get them

Mussels · Jan 17, 2009

Delta6326 said:
well that sucks for whom ever gets it but im pretty sure i can't get it, if im right i really cant get any virus my internet comes from a metal rod on my roof and i get internet from cell towers and my ip changes all the time, but i really don't know a lot about worms or viruses or how you get them

worms dont care how fancy your password is, or if your internet comes from magic beans.

Your browser had to open a port to type the message you just typed, and have it appear online - that port is now open for a worm to pass out of. The same is true for them to pass back IN.

A good all in one AV and firewall is all you need to be safe, and windows updates block these really big ones anyway.

worms arent the same as a regular virus as they dont need you to click an exe or view a website, they just need a connection to your PC and they'll happily borrow another programs connection to do so.

(and of course i was kidding about the quantum physics password. mine are just numbers and letters)

NeSeNVi · Jan 17, 2009

from the link:
"Microsoft Security Bulletin MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Published: October 23, 2008"

so insider, you propably has that update for a long time

OnBoard · Jan 17, 2009

Seems there are a lot of unupdated systems around the world. Downloaded the patch and it said 'doesn't apply to our system' then read this

Quick Details
File Name: Windows6.0-KB958644-x64.msu
Date Published: 10/22/2008

Don't have automatic updates on, but even my manual update cycle isn't that long

[I.R.A]_FBi · Jan 17, 2009

im safe

woozers · Jan 17, 2009

how come there is an update for wxp sp2 but isn't for sp3?

z1tu · Jan 17, 2009

just changed my password to one that is a serial number from a random bill

hack that ... 11 digit even

Haytch · Jan 18, 2009

I think its time you all change your passwords. <--< Nothing like some paranoia.

This worm seems effective and efficient, i like it. Reminds me of Cisco's speed.

DRDNA · Jan 18, 2009

mlee49 said:
Even if you knew the 10 numbers it would take a crazy long time.

.

theres a program that runs on GPU's that would do it pretty damn fast :eek:

System Name	RBMK-1000
Processor	AMD Ryzen 7 5700G
Motherboard	Gigabyte B550 AORUS Elite V2
Cooling	DeepCool Gammax L240 V2
Memory	2x 16GB DDR4-3200
Video Card(s)	Galax RTX 4070 Ti EX
Storage	Samsung 990 1TB
Display(s)	BenQ 1440p 60 Hz 27-inch
Case	Corsair Carbide 100R
Audio Device(s)	ASUS SupremeFX S1220A
Power Supply	Cooler Master MWE Gold 650W
Mouse	ASUS ROG Strix Impact
Keyboard	Gamdias Hermes E2
Software	Windows 11 Pro

System Name	HOMECOMPUTER
Processor	Intel i9 - 9900k @ 5.1Ghz - 1.31v
Motherboard	Asux ROG Maximus XI Hero Wifi
Cooling	ek supremacy evo full nickle, 2xEK 360 Radiators, ek d5 pump/res combo, ek full cover 2080ti block
Memory	16GB DDR 3600 Trident Z RGB
Video Card(s)	Gigabyte RTX 2080TI
Storage	1xWD black NVME 500GB, 1xSamsung 970 Evo Plus NVME 1TB
Display(s)	2 Dell Gaming 27" 1440P Gsync
Case	Lian LI PC-011 Dynamic
Audio Device(s)	onboard
Power Supply	Evga P2 1200Watt
Mouse	Zowie FK1+
Keyboard	Corsair Strafe rgb silent
Software	Windows 10 Pro
Benchmark Scores	i'm working on that

System Name	Addison Clark
Processor	Ryzen 9 7950x3D delid
Motherboard	Asus X670E Hero
Cooling	Custom Bykski loop CPU, GPU, 2x 360 rads, and 1x 280 rad with Arctic P12 and P14 ARGB fans
Memory	G.Skill DDR5-6000 64GB CL30
Video Card(s)	Gigabyte 4090 Aorus Master
Storage	Kingston Fury 2TB and 4TB NVME
Display(s)	Samsung 57"
Case	Lian Li O11 mini
Audio Device(s)	Onboard
Power Supply	Thermaltake 1000w SFX-L
Mouse	Corsair Dark Core RGB SE
Keyboard	Corsair K95 Platnium
Software	Win 11 Pro

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

System Name	The Dove Box Rev 5.0
Processor	9800x3D
Motherboard	Asus 870E STRIX
Cooling	Custom Water
Memory	32 GB 6400 MTs
Video Card(s)	Asus 3080 TUF
Storage	2TB Crucial T705
Display(s)	32" LG 1440p 180hz
Case	Lian Li O11 Dynamic
Audio Device(s)	ON BOARD FTW
Power Supply	Corsair 1000W
Mouse	Corsair something
Keyboard	Steelseries
Software	Win 10 64x

New Windows Worm-Attack Most Severe in Recent Times

btarunr

Editor & Senior Moderator

exodusprime1337

kenkickr

Mussels

Freshwater Moderator

insider

Guest

mlee49

Mussels

Freshwater Moderator

Weer

New Member

Mussels

Freshwater Moderator

FordGT90Concept

"I go fast!1!11!1!"

Mussels

Freshwater Moderator

insider

Guest

mlee49

Mussels

Freshwater Moderator

Castiel

mlee49

Delta6326

Mussels

Freshwater Moderator

NeSeNVi

New Member

OnBoard

New Member

[I.R.A]_FBi

woozers

New Member

z1tu

Haytch

DRDNA

System Name	//////////////////////////////////////Crunching/Folding Builds\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Processor	Q8400@ 4.0Ghz \| Q6600 @ 3.6Ghz \| E7300 @ 3.8Ghz \| E5300 @ 4.3Ghz \| E5300 @ 3.9Ghz \| E2180 @ 2.0Ghz \|
Motherboard	ASUS P5Q-E \| Asus P5Q Pro \| Gigabyte EG45-DS2H \| Gigabyte EP35-DS3H \| Gigabyte NV73 \| E-Sonic P35-G
Cooling	TRUE [Lapped] \| TRUE \| Thermalright SI-128 \| Stock \| Stock \| Stock
Memory	G.Skill 8192MB @ 1066Mhz \| G.Skill 4096MB \| OCZ 2048MB \| G.Skill 2048MB \| PNY 2048MB \| OCZ 1024MB
Video Card(s)	GTX 280 + 8800 GTS 512 \| 9800 GX2 + 8800 GTS 512 \| 6600 GT \| 8800 GS \| 9600 GSO 512
Storage	G.Skill 64GB SSD (OS) \| Segate 750GB [Downloads] \| 5TB JBOD [Movies] \| 3TB JBOD [Else] \| 1.5TB [Ex]
Display(s)	QUAD Monitors: Dell 2007FP [20"] + Dell 3007WFP-HC [30"] + Dell 2007FP [20"] \| Dell 2407WFP-HC [24"]
Case	Antec P190 \| Antec Three-Hundred \| Antec NSK2400 \| Thermaltake Strike MX \| HEC 6T10 \| HEC 8K01
Audio Device(s)	Creative X-Fi XtremeGamer PCI + [Audiophile HD600] + [Creative G500 + Logitech X-530 = 10 speakers]
Power Supply	OCZ 750w [62A] \| OCZ 750w [62A] \| Antec 380w [31A] \| Antec 650w [54A] \| OCZ 400w [33A] \| GeN [20A]
Software	Windows 7 Ultimate 64-bit + Windows XP 64-bit \| Windows Vista SP2 64-bit \| Windows 7 RTM 64-bit
Benchmark Scores	////////////////////////////////66,666 [Crunching] + 45,455 [Folding]\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

System Name	BY-2021
Processor	AMD Ryzen 7 5800X (65w eco profile)
Motherboard	MSI B550 Gaming Plus
Cooling	Scythe Mugen (rev 5)
Memory	2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s)	AMD Radeon RX 7900 XT
Storage	Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s)	Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case	Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s)	Realtek ALC1150, Micca OriGen+
Power Supply	Enermax Platimax 850w
Mouse	Nixeus REVEL-X
Keyboard	Tesoro Excalibur
Software	Windows 10 Home 64-bit
Benchmark Scores	Faster than the tortoise; slower than the hare.

Processor	Intel i5-3570K @ 3.4Ghz
Motherboard	Asrock LGA1155 Z77 Extreme 4
Cooling	Cooler Master Evo 212
Memory	16GB (4X4) G.Skill Ripjaw 2 DDR3-1600
Video Card(s)	Nvidia gForce GTX 660ti
Storage	1x Samsung 840 EVO 256GB 6Gb/s, 1x WD 500GB 6Gb/s, 1x WD 80GB 3Gb/s
Display(s)	ASUS VH242H Black + 2 HP 2311x 23" LED
Case	Fractal Design R4
Audio Device(s)	Realtek OnBoard Both
Power Supply	Cooler Master 850w
Software	Windows 7 Ultimate 64-bit SP1

System Name	THE CUBE 2.0
Processor	Intel i5 13600k
Motherboard	MSI MPG Z690 EDGE DDR4
Cooling	Phanteks PH-TC14PE BK 2x T30-120 Fan mod mount
Memory	G.Skill TridentZ 3200 MT/s C15 32GB 2x16GB
Video Card(s)	PNY RTX 5080 OC Triple Fan
Storage	WD SN770 250GB / 3x WD SN850X 2TB / Toshiba X300 4TB / 2x RAID1 Toshiba P300 3TB
Display(s)	Samsung 49" Odyssey OLED G95SC 240Hz 5120 x 1440
Case	"THE CUBE" Custom built, pure Red Alder wood
Audio Device(s)	Beyerdynamic DT 880, Logitech Z-2300
Power Supply	Corsair RM1000X
Mouse	Logitech G700
Keyboard	Logitech G910
Software	Windows 11 Pro

Processor	Core i5-750 @ 3.6GHz 1.136V 24/7
Motherboard	Gigabyte P55A-UD3, SATA 6Gbit/s & USB3.0 baby!
Cooling	Alpenföhn Brocken HeatpipeDirectTouch
Memory	Geil Ultra Series 4GB 2133MHz DDR3 @ 1440MHz 7-7-7-24
Video Card(s)	Gigabyte GTX 460 1GB OC (mostly stock speeds)
Storage	OS: Samsung F3 500GB Games: Samsung F1 640GB
Display(s)	new! Samsung P2350 23" FullHD 2ms / Mirai DTL-632E500 32" LCD
Case	new! Xigmatek Midgard/Utgard side window with red cathodes, 1x140mm & 3x120mm fans
Audio Device(s)	new! ASUS Xonar DG & JVC HA-RX700 headphones
Power Supply	Cougar CM 700W Modular
Software	Windows 7 Home Premium x64
Benchmark Scores	Logitech UltraX Premium & G5 laser v2 + Ulti-mat Breathe X2 for fragging

Processor	C2Q6600 @ 1.6 GHz
Motherboard	Anus PQ5
Cooling	ACFPro
Memory	GEiL2 x 1 GB PC2 6400
Video Card(s)	MSi 4830 (RIP)
Storage	Seagate Barracuda 7200.10 320 GB Perpendicular Recording
Display(s)	Dell 17'
Case	El Cheepo
Audio Device(s)	7.1 Onboard
Power Supply	Corsair TX750
Software	MCE2K5

System Name	NFA i guess
Processor	A64 3500+ Venice
Motherboard	MSI K8N NEO4-F PCB v3.0
Cooling	Box on CPU, 2x 12cm GT Silentblades
Memory	2*512MB ValueRAM
Video Card(s)	Biostar 7900GS
Storage	Seagate ST3160815AS
Display(s)	Samsung 940N
Case	Compucase 6A21
Audio Device(s)	Audigy SE
Power Supply	FSP ATX-400PNF

System Name	OptimusFine
Processor	AMD Ryzen 7 9800X3D
Motherboard	Gigabyte X870E Aorus Elite WIFI7
Cooling	Arctic Liquid Freezer III 360 Black
Memory	Corsair Vengeance 32GB DDR5 6000MHz CL30
Video Card(s)	Gigabyte RTX 3080 12GB Gaming OC
Storage	Samsung M.2 SSD 960 Evo 250GB / 2 Crucial SSD MX500 2TB & 1 1TB / Seagate 2TB Hdd / Toshiba 2Tb Hdd
Display(s)	Alienware AW3423DW, ASUS ROG PG279Q
Case	Cooler Master H500M
Audio Device(s)	Steelseries Arctis 7+ / Logitech Z533
Power Supply	Corsair RM850X
Mouse	Logitech G502 Lightspeed
Keyboard	Corsair Strafe RGB
VR HMD	Oculus Rift
Software	Windows 11 Pro 64-bit

System Name	_Speedforce_ (Successor to Strike-X, 4LI3NBR33D-H, Core-iH7 & Nemesis-H)
Processor	Intel Core i9 7980XE (Lapped) @ 5.2Ghz With XSPC Raystorm (Lapped)
Motherboard	Asus Rampage VI Extreme (XSPC Watercooled) - Custom Heatsinks (Lapped)
Cooling	XSPC Custom Water Cooling + Custom Air Cooling (From Delta 220's TFB1212GHE to Spal 30101504&5)
Memory	8x 8Gb G.Skill Trident Z RGB 4266MHz @ 4667Mhz (2x F4-4266C17Q-32GTZR)
Video Card(s)	3x Asus GTX1080 Ti (Lapped) With Customised EK Waterblock (Lapped) + Custom heatsinks (Lapped)
Storage	1x Samsung 970 EVO 2TB - 2280 (Hyper M.2 x16 Card), 7x Samsung 860 Pro 4Tb
Display(s)	6x Asus ROG Swift PG348Q
Case	Aerocool Strike X (Modified)
Audio Device(s)	Creative Sound BlasterX AE-5 & Aurvana XFi Headphones
Power Supply	2x Corsair AX1500i With Custom Sheilding, Custom Switching Unit. Braided Cables.
Mouse	Razer Copperhead + R.A.T 9
Keyboard	Ideazon Zboard + Optimus Maximus. Logitech G13.
Software	w10 Pro x64.
Benchmark Scores	pppft, gotta see it to believe it. . .

Processor	INTEL CORE I9-9900K @ 5Ghz all core 4.7Ghz Cache @1.305 volts
Motherboard	ASUS PRIME Z390-P ATX
Cooling	CORSAIR HYDRO H150I PRO RGB 360MM 6x120mm fans push pull
Memory	CRUCIAL BALLISTIX 3000Mhz 4x8 32gb @ 4000Mhz
Video Card(s)	EVGA GEFORECE RTX 2080 SUPER XC HYBRID GAMING
Storage	ADATA XPG SX8200 Pro 1TB 3D NAND NVMe,Intel 660p 1TB m.2 ,1TB WD Blue 3D NAND,500GB WD Blue 3D NAND,
Display(s)	50" Sharp Roku TV 8ms responce time and Philips 75Hz 328E9QJAB 32" curved
Case	BLACK LIAN LI O11 DYNAMIC XL FULL-TOWER GAMING CASE,
Power Supply	1600 Watt
Software	Windows 10