backtop

Print E-mail del.icio.us 62 comment(s) - last by rcc.. on Feb 25 at 2:48 PM
The worm continues to infect a large number of computers while security experts try and figure out what to do

Microsoft has created a new technology industry posse and a $250,000 reward for people who help turn over the creators of the Conficker worm.

The Conficker worm multiplied like wildfire, and spreads through a hole found in Microsoft Windows systems, though the vulnerability was patched in October.  It also is able to disable anti-malware protection and will block an infected PC from visiting anti-malware vendors Web sites to receive updates.

Security experts are even more worried about the possibility the worm calls home every 24 hours to at least 250 servers each day for instructions or directed actions.

The Houston police department was forced to stop arresting people with traffic warrants because the worm spread its way through the police and city court's computer systems.  Violent offenders were still arrested, but those with outstanding traffic warrants were simply issued citations instead of being arrested, Houston police officials said.

There also was a Conficker outbreak among French military computers, which led to several fighter planes being grounded until everything could be fixed.

Microsoft is working with the Internet Corporation for Assigned Names and Numbers (ICANN) and PC security experts while trying to identify the worm's creators.  VeriSign, NeuStar, Public Internet Registry, Global Domains International, AOL, F-Secure, George Tech, and several other organizations have joined the fight to help capture who ever created the Internet worm.

"As part of Microsoft's ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers," Microsoft Trustworthy Computing Group G.M. George Stathakopoulos said in a statement.  "By combining our expertise with the broader community we can expand the boundaries of defense to better protect people worldwide."

Security company Symantec reported that more than 2.2 million IP addresses over the past five days have been infected with two different forms of the worm, three months after it first hit the Internet.  To date, it's infected at least 10 million PCs since first being introduced into the wild.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
How about...
By fishbits on 2/13/2009 4:16:46 PM , Rating: 4
How about a 250k reward for turning in owners of networked computers that haven't been patched since October?




RE: How about...
By arazok on 2/13/2009 4:35:57 PM , Rating: 1
How about just making it so windows disables internet access until patches are installed?


RE: How about...
By Dreifort on 2/13/09, Rating: -1
RE: How about...
By PhoenixKnight on 2/13/2009 5:16:14 PM , Rating: 4
Just release a patch that will kick unpatched computers offline.


RE: How about...
By Etsp on 2/13/2009 9:04:08 PM , Rating: 2
Offline to all sites other than the windows update site....


RE: How about...
By bupkus on 2/14/2009 1:08:18 PM , Rating: 2
That would require the user to install all updates, in which case they would be up to date on their security updates, nes pa?


RE: How about...
By xphile on 2/15/2009 9:31:06 PM , Rating: 2
Isn't that called a worm? Lol.


RE: How about...
By nilepez on 2/14/2009 7:44:28 AM , Rating: 3
even dial-up people can patch overnight and/or while they're at work.

Besides, in the past, I've visited friends, who have broadband, that haven't patched in months.

There's just no excuse....not even dial-up is an excuse.


RE: How about...
By AlexWade on 2/14/2009 8:21:34 AM , Rating: 3
I was working on a computer yesterday that was on a cable modem but using XP SP1. The sad fact is millions of people are ignorant and naive. They just click-click-click not ever thinking someone out there might not have their best interests in mind. And there is no class required to use a computer, nobody ever told them. That is why there is so much malware.

I did tell them to use Windows Update. Hopefully they will get SP3 which is more intuitive when it comes to security updates.


RE: How about...
By mindless1 on 2/14/09, Rating: 0
RE: How about...
By SiliconAddict on 2/14/2009 11:35:10 PM , Rating: 2
Yah because a 1MB file is really going to hurt on even dial up. Sorry but enough with the excuses. People are lazy fucktards that is all that there is too it. This is the same shit that happened with the MS blaster outbreak. Patch was out for MONTHS and yet people didn't do shit.


RE: How about...
By Dreifort on 2/16/2009 10:07:33 AM , Rating: 2
whose to say all future updates will be under 1MB??


RE: How about...
By Bateluer on 2/13/2009 4:53:36 PM , Rating: 5
If you do this, you'd have thousands, perhaps millions, of people calling various support lines, irate that they cannot get online to check their myspace.

It sounds great on paper, but most computer users are idiots.


RE: How about...
By arazok on 2/14/2009 12:20:27 AM , Rating: 1
You already have thousands, perhaps millions, of people calling various support lines, irate that they cannot get online to check their myspace. They have viruses.

I feel nothing for them. <spits>


RE: How about...
By bupkus on 2/14/2009 1:11:39 PM , Rating: 3
Most computer users are now just average consumers, looking for a good consumer experience.

Likely quote--

I paid good money for this computer... why doesn't it protect itself?

Probably answer--

Are you saying that you don't ever change the oil in your car?


RE: How about...
By fishbits on 2/13/2009 5:09:27 PM , Rating: 2
"How about just making it so windows disables internet access until patches are installed?"

If for critical seucrity patches... if you're two months out of date... and you were warned weekly after being one month out of date... and Windows offers easy automated and manual ways to update (which it already does)...

That might work. Not foolproof, but it would get a lot of the low-hanging fruit of security gains. Have a way to override this, for "emergency" cases, but make it more onerous than updating, and in the process have the user acknowledge the massive risk increase they're opting for.


RE: How about...
By mindless1 on 2/14/2009 7:11:51 PM , Rating: 2
That would be idiotic and lawsuit-inducing.


RE: How about...
By jay401 on 2/13/2009 6:53:18 PM , Rating: 2
Then you wouldn't be able to download the patches... ;P


RE: How about...
By SiliconAddict on 2/14/2009 11:37:59 PM , Rating: 2
Nope. They could leave a port open for Windows Update and that is all. It could be done, but the lazy cows out there would complain.


RE: How about...
By callmeroy on 2/16/2009 12:27:07 PM , Rating: 2
No. All users shouldn't be forced to endure inconveniences in a product because some users are too dumb to use it / maintain it properly. I don't know if it ever made it to a production car but there were experiments in the 60's within the car industry that in order for the ignition to crank over your seat belt had to be fastened.

Whether its a life saving device or a simple computer -- I'm for you should be free to use it how you want -- outside of breaking other laws with its use.


RE: How about...
By ccmfreak2 on 2/13/2009 4:42:02 PM , Rating: 3
Now that's more like it. Sure the authors should be punished, but there is no excuse for not protecting your system. MS notified us about this hole in October, and the worm showed up in November. This has be publicized for a couple months now. The first month and a half might have been victims (they may have been testing the update on the network) - everything since the beginning of '09 is pure laziness and ignorance. That's enough cause for being removed from admin status.

No network is hack-proof, but this problem and fix has been known for months now.


RE: How about...
By rcc on 2/13/09, Rating: 0
RE: How about...
By omnicronx on 2/13/2009 5:08:17 PM , Rating: 3
If I walk around with a $100 bill safety pinned to my back and someone steals it, who is more to blame?

Security holes are never going to go away,(doesn't matter what OS) if you are not going to keep up with windows updates manually, turn on automatic updates.

Of course the criminal should be blamed, but this would not be an issue if the consumer made us of basic windows functionality.


RE: How about...
By rcc on 2/16/2009 6:05:53 PM , Rating: 2
quote:
If I walk around with a $100 bill safety pinned to my back and someone steals it, who is more to blame?


The thief that stole it. Not that it wouldn't be stupid to do that, particularly in some neighborhoods. The current trend of "it's easy therefore it's legal/right" doesn't wash in my book. Call me old fashioned.

quote:
but this would not be an issue if the consumer made us of basic windows functionality.


Of course it would. It may be less common, but it would still be a problem. And if all cars came from the factory with dents and faded paint, the stats on auto thief would change as well.


RE: How about...
By fishbits on 2/13/2009 5:20:19 PM , Rating: 5
Where I live, it's punishable to operate a car that's in such bad condition that it is a hazard to the others sharing the roads. At the very least, you will be told to park the junkheap.

If you wish to share a network, especially a public one, your computer also needs to be at least minimally secured.

It's not a punishment. It's "Your headlights have to work before you drive at night. And no, it doesn't matter if someone else is going around breaking them."


RE: How about...
By rcc on 2/16/2009 6:17:39 PM , Rating: 2
There is a difference between life safety issues and computer/network security. A better analogy, if there must be one, is home security.

I don't know of anywere that mandates a home alarm, or even lock types/specs.

So, it's always the fault of "him what done it". We need to be at least moderately astute in protecting ourselves, mentally, physically, and/or electronically. But if we fail in some regard or for some period of time, it's not the victim's fault. The criminally minded still has to make a decision to hack your network, break into your house, etc. i.e. break the the legal or moral code.


RE: How about...
By fishbits on 2/17/2009 4:20:07 PM , Rating: 2
I'm not aware of burglarized homes that then become "zombie burglars" going from house to house worldwide, breaking into other homes, making them "zombie burglars" in the process. Do you?

Roadways are interconnected, with multiple users sharing access and resources. Networks are interconnected, with multiple users sharing access and resources. Understand the analogy yet? See how you took the time to disregard an applicable one to create one that isn't?

"So, it's always the fault of "him what done it"."
Who said otherwise? That doesn't mean that users should be allowed access to shared resources when their means of accessing them aren't minimally safe. Try passing around infected media in the circles I operate in. Then try continuing to say "It wasn't me that deliberately infected the media! I just chose not to take basic, minimal protective actions. That means I'm blameless and should continue to have access!" Someone MAY explain to you just how wrong your thinking is, but in either case the risk you pose will be removed.


RE: How about...
By rcc on 2/25/2009 2:48:38 PM , Rating: 2
Wow, were you having a bad day?

Because what you said wasn't a whole lot different than what I said, but your tone leads me to believe that you thought so.


RE: How about...
By VaultDweller on 2/14/2009 10:48:58 AM , Rating: 2
This worm actually doesn't spread primarily through the MS08-067 vulnerability. That was the vulnerability it was originally created to exploit (back in October), but it didn't become widespread until additional propagation vectors were added. Mainly it spreads through removable USB devices, and brute-forcing weak admin passwords.


RE: How about...
By hameed on 2/15/2009 4:47:10 AM , Rating: 1
What if the MS patch turns out to be worse than the exploit and ruins the computer?


It won't stop
By pequin06 on 2/13/2009 4:31:45 PM , Rating: 5
These virus and malware creators will never stop doing what they do till some real punishment is delt .
Blaming Microsoft that their OS is not secure enough to prevent these attacks is BS.
That's like blaming the manufacturer to the door of your house for a criminal breaking in and stealing your belongings.




RE: It won't stop
By mydogfarted on 2/13/2009 4:51:03 PM , Rating: 2
Exactly. It's one thing to find holes in a security system, it's another to blame the victim because they didn't lock the door.


RE: It won't stop
By omnicronx on 2/13/2009 5:11:06 PM , Rating: 3
Microsoft has to accept their part of the blame, it was a security breach afterall. That being said, no OS is perfect and there will always be security holes. In the end it is the users responsibility to keep their OS up to date.


RE: It won't stop
By Josett on 2/13/2009 10:43:20 PM , Rating: 2
quote:
Microsoft has to accept their part of the blame, it was a security breach afterall. That being said, no OS is perfect and there will always be security holes.


Agreed. But shouldn't there be by now an AI OS already, adapting to whatever threats might surge? Given the R&D time span and x-illions invested, I believe an 'integrity self-aware' OS should be out by now (anyway, marketing-wise, 'AI *insert OS*' sounds more reliable than Windows 7 or Mac OSX) :)

Third-party AVs & FWs software providers should only add up to this paradigm.

That'd make you final statement,
quote:
In the end it is the users responsibility to keep their OS up to date.

a mere triviality.

Cheers!


RE: It won't stop
By Reclaimer77 on 2/14/2009 5:31:47 PM , Rating: 2
quote:
Agreed. But shouldn't there be by now an AI OS already, adapting to whatever threats might surge?


LOL yeah. It will feature Gene Roddenbery's wifes voice and will run on Isolinier chips powered by an anti matter quantum processing unit.

Good suggestion man. I'm sure MS will get right on that...

/rolls eyes


RE: It won't stop
By callmeroy on 2/16/2009 12:32:38 PM , Rating: 2
Well maybe in the year 2000 it'll come......

....oh wait.....nvm... :)


RE: It won't stop
By Cullinaire on 2/13/2009 6:48:06 PM , Rating: 2
Look at that, conficker strikes again. It made off with the 'a' in dealt apparently. Notice how my message does not have that problem.
It's because I was a good boy and patched.


RE: It won't stop
By descendency on 2/13/2009 10:17:44 PM , Rating: 3
Install Windows ME on their computer.


RE: It won't stop
By rudy on 2/13/2009 11:34:28 PM , Rating: 2
Depends. If the worm spreads on it own on a default windows install then I would say it is M$ fault. It's like what if sometimes your door just opens on it's own so a criminal can walk in without breaking it. If on the other hand a modified windows install that has let down security is what allows the spread or the user OKs it through UAC then it is the users fault.

I know no OS is perfectly secure but M$ needs to keep theirs the most secure of them all because they have the largest market share and therefore have the most hackers working on breaking through their system.


DAMN!
By Desslok on 2/13/2009 4:06:12 PM , Rating: 3
Might turn myself in for 250k in this environment!




RE: DAMN!
By TomZ on 2/13/2009 4:20:20 PM , Rating: 2
Funny, I was thinking the same thing! $250K is a nice-sized reward.


RE: DAMN!
By bighairycamel on 2/13/2009 4:28:38 PM , Rating: 5
With my luck the price to post bail would be $251,000.


Raise the reward!
By Smokey48 on 2/13/2009 4:51:56 PM , Rating: 2
Microsoft should make the reward at least $1 million. A hefty reward will make friends drop a dime on each other. A really hefty reward would even make brothers start figuring angles.

Microsoft earns $1 million in interest about every four hours on its cash hoard. I know I don't have any right to tell the company how to spend its dough, but you get what you pay for.

A $10 million reward would probably get instant results.

Maybe the $250K reward is just for P.R. purposes.




RE: Raise the reward!
By bldckstark on 2/13/2009 4:56:51 PM , Rating: 2
For 10 mil, I would learn how to write complex viruses, break into coders houses and upload them from there, then turn them in. Simple frame, big bucks.

I suppose they might catch on when I turn in the tenth or eleventh person though.


RE: Raise the reward!
By PhoenixKnight on 2/13/2009 5:23:54 PM , Rating: 3
quote:
I suppose they might catch on when I turn in the tenth or eleventh person though.


You can just have a casual acquaintance turn someone in for you. Then, once they have the reward, use the worm you planted on their computer to steal their bank account number and take the money for yourself.


RE: Raise the reward!
By austinag on 2/13/2009 5:33:04 PM , Rating: 2
You must be rich, I'd turn in my grandma for 50 grand.


Job
By Spookster on 2/13/2009 5:46:58 PM , Rating: 2
They should offer up the 250k to hire the hacker(s) who wrote it for a few years to fix future holes in the O/S.




RE: Job
By SiliconAddict on 2/14/2009 11:43:31 PM , Rating: 1
Please bitch...all this asshole did was reverse engineer the patch. Why do you think this came out MONTHS after the initial patch? Skill yes....brilliance hell no. Its about as brilliant as Apple and their under the hood cleanup of their clunker 10.6


RE: Job
By Spookster on 2/15/2009 3:21:47 AM , Rating: 2
People might take your post more seriously without the personal attacks.


RE: Job
By Spookster on 2/15/2009 3:22:47 AM , Rating: 2
Besides if it is so easy let's see you do it.


I know who did it!
By jonmcc33 on 2/14/2009 1:09:06 PM , Rating: 4
Nothing like corporate espionage to damage the competition...

http://www.apple.com/




RE: I know who did it!
By PhoenixKnight on 2/15/2009 1:47:11 PM , Rating: 2
Yeah, it's listed right there on their site. iLife. iWork. iWorm.


250K?
By HostileEffect on 2/13/2009 5:57:08 PM , Rating: 2
250K is not that much considering that this is Microsoft, aka M$, $$$$$, they can offer more.




RE: 250K?
By Regs on 2/14/2009 12:27:36 AM , Rating: 2
Right... However I wish the creator of the worm was my next door neighbor.


Americans?
By Beno on 2/13/2009 8:42:44 PM , Rating: 2
they could be in foreign countries.

people who talk about "snitching" are idiots.
as far as i know, hackers only trust or do their stuff alone, so that eliminates any posibility of other person reporting them.

so who is gonna turn them in? this reward is useless.




RE: Americans?
By mindless1 on 2/14/2009 7:23:16 PM , Rating: 2
Much of the time hacking is ultimately about money or common goals, in either case multiple people are involved at least enough to point the finger at someone else.


Why haven't I been infected?
By goku on 2/14/2009 1:47:06 AM , Rating: 2
Here I am running Windows XP SP1 with whatever last update I could get for it, I have no Anti Virus on my system and I've yet to be infected while these guys running SP3 and constantly updating their systems are always infected, why is that? Sounds like an issue of PEBKAC but what do I know..




RE: Why haven't I been infected?
By Screwballl on 2/16/2009 11:02:08 AM , Rating: 2
You probably have a virus and not even know it. Considering 90% of the viruses out there do not actually do any damage nor change files, it only replicates and sends itself out again.

Or you may be one of the 0.00001% of people that do not have that system connected to the internet thus no chance of being infected.


good hackers
By Screwballl on 2/14/2009 9:23:45 AM , Rating: 3
with the number of good hackers out there nowadays, how about taking over some of the "command servers" and command the worms to shut down and reactivate any malware software on the system (or display a message saying "your computer is infected with viruses, please get a free or paid anti-virus program"), then spread itself to other systems with the same message.
Or modify the worm to force the infected computers to automatically connect to Windows Update and download as many updates as it can each time it is connected to the internet change its setting to "automatically connect and download and install any available windows updates".




Tricky bastard
By HrilL on 2/13/2009 11:22:32 PM , Rating: 2
This worms a tricky bastard I've had a hell of a time getting it cleaned off. The first thing it does is disable automatic updates and injects a string to the service start up so that if you try to enable updates after removing the infected files it comes right on back. If only it actually did something more. I mean they should use their bot net for something awesome.




Skynet anyone
By ibigpapa on 2/14/2009 2:13:17 PM , Rating: 2
sounds like the end of the world by a virus, the creaters are the government :|, too bad we have not tapped into the worm to create the worlds largest distributed computer and use it to fight cancer.




Same $*!!, different date
By SiliconAddict on 2/14/2009 11:50:09 PM , Rating: 2
Hmmm now where have I heard of this before....oh yah. MS Blaster. Patch release 3 months before the worm hit. At least back then there was no automatic Windows Update. No built in firewall.
There is no excuse this time. The number of patches now a days that are defined as critical is relatively small MS doesn't label these things critical for the hell of it. If companies, or a military organization?!?, refuses to acknowledge and deal with it in a timely manner that isn't MS problem. As for home users. Again if they have SP2 this shouldn't be a problem unless they intentionally crippled their system...in which case I will point and laugh at them like the tards they are.




"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer









botimage
Copyright 2010 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki