This resource is no longer available
Shavlik Customer Update: What is the Conficker worm, referred to as "Downadup"?
A new sleeper virus that could allow hackers to steal financial and personal information that has spread to more than 9 million computers in what industry analysts say is one of the most serious infections they have ever seen. Experts say a single infected laptop could expose an entire network to the worm. This worm exploits a previously patched vulnerability addressed in Microsoft Security Bulletin MS08-067. This worm attempts to propagate via multiple methods including removable media. Downadup worm exploits a bug in Microsoft Windows to infect mainly corporate networks, where - although it has yet to cause any harm - it potentially exposes infected PCs to hijack.
The worm spreads by accessing computers over the NetBIOSSMB ports 139 and 445. It can also infect computers via malicious code on USB devices. Once a computer is infected it scans the local network looking for other machines to infect. If it can't propagate to other systems via the vulnerability, it attempts to logon to the admin$ share by brute-forcing usernamepassword combinations until it mounts the hard drive.
Shavlik Technologies offers solutions that can help protect your organization from the Downadup worm. Read this paper to learn more.
- Shavlik Technologies
- 11 Feb 2009
- 11 Feb 2009
- White Paper