January 26, 2009
"Downadup" Virus Infecting Millions of PCs Worldwide
United Press International is reporting today that the Downadup virus (also known as Conficker or Kido) may have infected as many as 15 million PCs worldwide. The main vector for infection would seem to be unpatched Microsoft Windows network share drives and USB drives, rather than email.
Reports are that infections are most widespread outside of the US. Our anti-virus partners at F-Secure report, in this blog post that "China, Russia, and Brazil have the highest IP count. Combined, they account for nearly 41 percent of the total... Only a bit over 1 percent came from the United States…" Presumably, this is due to less stringent application of patches and the use of pirated Microsoft software.
All-in-all, this is a good reminder that viruses continue to be a serious enterprise threat and organizations need to adopt a holistic strategy for preventing virus infections — including having up-to-date virus protection at the email gateway and end-user desktop levels, as well as being diligent about applying the latest OS and application security patches.
Link to UPI story: http://www.upi.com/Top_News/2009/01/26/Virus_strikes_15_million_PCs/UPI-19421232924206/
Link to F-Secure blog post on Downadup: http://www.f-secure.com/weblog/archives/00001589.html
After downadup infects your computer, you can no longer download updates from Microsoft and most antivirus software vendors. One thing the virus does is block requests from you computer to these web sites. Alternative downloads can be found at www.downadup.com, along with tools for disabling AutoPlay, and repairing the registry.
Posted by: Phil Barnhart | January 27, 2009 at 07:53 AM