Downadup worm now infects 1 in every 16 PCs, says Panda Security
Scans show 6% of PCs already hit with worm; figure may be as high as 30%
Computerworld - The computer worm responsible for the biggest attack in years has infected at least one out of every 16 PCs worldwide, a security company said today, and it may have managed to compromise as many as nearly one in three.
According to Panda Security, almost 6% of the Windows systems scanned with its antivirus technology were found to be infected with "Downadup," a worm that began aggressive attacks just over a week ago. Panda was one of the first security firms to sound an alarm over Downadup when it raised its security threat level on Jan. 12 as reports of attacks mounted.
Using data from antivirus scans performed by its consumer-grade security software and by a free online scanning tool that it makes available on its Web site, Panda found 111,379 PCs infected with the worm out of a pool of 2 million machines.
"I'm pretty confident in this number," said Ryan Sherstobitoff, chief corporate evangelist at Panda Security, as he cautioned it was just a snapshot. "Conficker is still infecting high volumes of machines and is a fast-propagating worm."
Conficker is an alternate name for the Downadup worm.
In fact, Panda's estimate is probably very conservative, Sherstobitoff said, since the bulk of the infected computers were scanned when their owners took the time to steer their browsers to the company's online scanner.
"The 6% was of people coming to our site and opting in for the scans. That's somewhat scary," said Sherstobitoff. "If we were actually to look at the [general] population, all the people who don't have antivirus -- or if they do, who haven't updated definitions -- the infection rate might be in the range of 20% to 30%."
While there has been some disagreement among security researchers about Downadup's infection volume -- last week, for instance, some disputed F-Secure Corp.'s estimate of 8.9 million infected PCs -- there has been little argument about the relative size of the worm attack. Nearly every researcher has pegged it as the biggest in years.
Today, Panda joined the chorus. "This is the biggest in at least six years," said Sherstobitoff.
Luis Corrons, the technical director of Panda's research lab, put it in the same terms. "[This is] a phenomenon we haven't seen since the times of the great epidemics of Kournikova or Blaster," said Corrons in a statement, referring to major worm attacks of 2001 and 2003, respectively.
And things will get worse before they get better, both Corrons and Sherstobitoff predicted. "This is an epidemic, and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels," Corrons said.
"We're still getting lots of reports of infections," echoed Sherstobitoff. "It could be a week or a week and a half before it slows down."
On a related note, the U.S. Computer Emergency Readiness Team (US-CERT) today said that Microsoft's advice for disabling Windows' "Autorun" feature is flawed and leaves users open to attack from the worm.
- Downadup worm now infects 1 in every 16 PCs, says Panda
- US-CERT: Microsoft's advice on Downadup leaves users open to attack
- FAQ: How to protect your PC against the Downadup worm
- 'Amazing' worm attack infects 9 million PCs
- 1 in 3 Windows PCs vulnerable to worm attack
- Researcher: Worm infects 1.1M Windows PCs in 24 hours
- 'Huge increase' in worm attacks plagues unpatched Windows PCs
- Microsoft releases emergency Windows patch to head off worm attack
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts