Downadup worm now infects 1 in every 16 PCs, says Panda Security
Scans show 6% of PCs already hit with worm; figure may be as high as 30%
Computerworld - The computer worm responsible for the biggest attack in years has infected at least one out of every 16 PCs worldwide, a security company said today, and it may have managed to compromise as many as nearly one in three.
According to Panda Security, almost 6% of the Windows systems scanned with its antivirus technology were found to be infected with "Downadup," a worm that began aggressive attacks just over a week ago. Panda was one of the first security firms to sound an alarm over Downadup when it raised its security threat level on Jan. 12 as reports of attacks mounted.
Using data from antivirus scans performed by its consumer-grade security software and by a free online scanning tool that it makes available on its Web site, Panda found 111,379 PCs infected with the worm out of a pool of 2 million machines.
"I'm pretty confident in this number," said Ryan Sherstobitoff, chief corporate evangelist at Panda Security, as he cautioned it was just a snapshot. "Conficker is still infecting high volumes of machines and is a fast-propagating worm."
Conficker is an alternate name for the Downadup worm.
In fact, Panda's estimate is probably very conservative, Sherstobitoff said, since the bulk of the infected computers were scanned when their owners took the time to steer their browsers to the company's online scanner.
"The 6% was of people coming to our site and opting in for the scans. That's somewhat scary," said Sherstobitoff. "If we were actually to look at the [general] population, all the people who don't have antivirus -- or if they do, who haven't updated definitions -- the infection rate might be in the range of 20% to 30%."
While there has been some disagreement among security researchers about Downadup's infection volume -- last week, for instance, some disputed F-Secure Corp.'s estimate of 8.9 million infected PCs -- there has been little argument about the relative size of the worm attack. Nearly every researcher has pegged it as the biggest in years.
Today, Panda joined the chorus. "This is the biggest in at least six years," said Sherstobitoff.
Luis Corrons, the technical director of Panda's research lab, put it in the same terms. "[This is] a phenomenon we haven't seen since the times of the great epidemics of Kournikova or Blaster," said Corrons in a statement, referring to major worm attacks of 2001 and 2003, respectively.
And things will get worse before they get better, both Corrons and Sherstobitoff predicted. "This is an epidemic, and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels," Corrons said.
"We're still getting lots of reports of infections," echoed Sherstobitoff. "It could be a week or a week and a half before it slows down."
On a related note, the U.S. Computer Emergency Readiness Team (US-CERT) today said that Microsoft's advice for disabling Windows' "Autorun" feature is flawed and leaves users open to attack from the worm.
- Downadup worm now infects 1 in every 16 PCs, says Panda
- US-CERT: Microsoft's advice on Downadup leaves users open to attack
- FAQ: How to protect your PC against the Downadup worm
- 'Amazing' worm attack infects 9 million PCs
- 1 in 3 Windows PCs vulnerable to worm attack
- Researcher: Worm infects 1.1M Windows PCs in 24 hours
- 'Huge increase' in worm attacks plagues unpatched Windows PCs
- Microsoft releases emergency Windows patch to head off worm attack
Read more about Security in Computerworld's Security Topic Center.
- Enable secure remote access to 3D data without sacrificing visual perfomance Design and manufacturing companies must adapt quickly to the demands of an increasingly global and competitive economy. To speed time to market for...
- Virtually Delivered High Performance 3D Graphics "A picture is worth a thousand words." That old phrase is as true today as it ever was. Pictures (i.e., those with heavy...
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!