Top

Help Support my Blog!

Virgin Mobile USA
Glasses USA
Amazon
Newegg
VPN4ALL
Netflix
Hulu
CafePress

 

Subscribe to Paul’s Tech Talk Affiliate Marketing Blog

Subscribe to Paul’s Tech Talk Science Fiction Blog

Subscribe to Paul’s Tech Talk Scams Blog

  • Acer 11.6
    Acer 11.6" Laptop 2GB 16GB | C710-2856
    Acer

    Currently  in process review this Acer Chrome book and boy is it nice!

Blog Index

Subscribe to our mailing list

* indicates required
Email Format

View previous campaigns.

Powered by MailChimp

Follow Us

Navigation
Sponsors

Entries in downadup.b (5)

Saturday
Jan242009

Brace for Impact, Brace for Botnet! (Conflicker Worm)

Author: AuthorPaul Sylvester | Date: DateSaturday, January 24, 2009 at 10:16AM |
The Worm that has infected 6% of Personal Computers is starting to build into something totally different.  According to some Researchers, they are saying this has to happen soon. And I'll quote:
In any case, today seems better than the day before and we think that growth of Downadup has been curbed. Disinfection of the worm remains a challenge.

[Via F-secure]

[ad#ad2-right]Although this sounds like it has stopped, I don't think so I am sure the worm will get even bigger.   I don't think it has been curbed we might have a rest period before the Worms tries again.
"Why is it taking so long?" asked Huger. "That's what we're all asking." He couldn't recall an attack of this size with such a long lag time between the initial attacks and follow-on downloads of more malware to the hijacked systems.

[Via PcWorld]

Now We know this exploit is being patched as quickly as possible in some areas of the industry but that leaves the question?  What isn't being patched, I am guess the next stage of this worm is mutant into a new worm much like the way it tries to communicate to download new software or instruction.   I believe it will be using a newer exploit so that it can infect even more computers.   I also think it will be a botnet and so does others.
But he also pointed out that the clock is ticking. "If they don't hurry up and do it, someone else will," he said, explaining that hackers must fend off not only security researchers, but also other criminals, who would like nothing better than to pinch a ready-to-use botnet.

[Via PcWorld]

So they are going to use this Downadup Worm soon, I am counting on it.   Somethings for IT professionals to prevent more infections are to make sure you have patched the latest security holes before they exploit that.   Like my favorite program, the Clone of Autopatcher, which you can create a month by month patch DVD to install on all important systems.   IT professionals must not start getting relax, because of people saying it is on the downfall. In nature there are always going to be periods of rest before growth. So I am sure something will happen rather quickly, and probably in the next week or two.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , ,
Thursday
Jan222009

Alarming results are coming from the Conflicker Worm

Author: AuthorPaul Sylvester | Date: DateThursday, January 22, 2009 at 1:37PM |
[ad#digg-right]Today I've been doing research because I surprised how many people have searched for the Conflicker Worm/Virus and I wanted to point just how bad this is getting.     I was looking on Twitter about this some more and here is what I found out:
Over a million conflicker hosts: Are you responsible for any of them? (http: //tinyurl.com/awpeep

[Via twitter  Hevnsnt]

Now I went there and he seemed to of added ")" to the URL so I took that out and here's the URL to check this out.  I went there and saw all these IP(Internet Protocols) and it claims that it is over a MILLION.  I don't know if it is true because I stopped the list of IP's due to the size of list.

conflicker-statsI also wanted to talk about the rate at which people are finding this site due to the conflicker virus/worm infecting their systems.     As you can see it is steadily increasing as more and more people are trying to find out how to get rid of this very pesky infestation.   See below for some good resources to get this annoyance.

I went back to twitter and some other places to find out what people are saying about this virus and I found this interesting comment:
Conflicker Virus has locked out my work account again.... slightly upsetting it keeps trying to break my account password

[via Twitter twitpaul]

[ad#ad2-right]According to one blog post, they seem to think this is a test worm trying the waters out to see how well it works.  I tend to agree with this blog post because of the unlikely hood of just infecting systems for fun.   I also think they are going to use this worm/virus for a Botnet.  There have been several post about this being a possible Botnet setup.  Acording to Computeworld, They claim this is building a Botnet and I tend to wonder if this was a bad deployment or if they are just reading to start this up after so many computers are infected.

I don't know what to call the Conflicker a Virus or a Worm.  So I've decided to just use both.  I've been telling people to patch there system as soon as possible.  I'd also tell people that you need a good AV and a Good Firewall.   Although this sometimes won't prevent you from getting a virus you will undoubtedly need to disable Auto run.   Here are some good resources to better help you get this virus off your system:

As you can see there are several different options to help remove this virus and I thought I would list them here.   I have heard how hard this virus is to remove and I want to help people remove this virus.  Some other things to consider is disabling your restore points before you remove the worm, or it will just come back.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , ,
Tuesday
Jan202009

More Information on the downadup Worm

Author: AuthorPaul Sylvester | Date: DateTuesday, January 20, 2009 at 2:36PM |
If your working to get rid of this Downadup Worm, F-secure is giving out a free removal tool to help with that task.   According to F-Secure Worm:W32/Downadup.gen description which Talks about how bad this worm is.

[ad#ad2-right]Due to companies not updating the MS 08-067 patch, it is the primary way for this worm to get onto a system.

Graham Cluely's Blog ask a question and got quite a few answers from the users. The results of the poll are 53% believe the hackers are to blame, and 30% think the System Administrators are to blame, and 17% think Microsoft is to blame for this worm.

I have a mix feelings over who is to be blamed for this worm. I think the person who wrote this, did it for a specific reason. We can't expect any software we use to be 100% safe, even Macintosh are not 100% safe. Microsoft isn't to be blamed because they tried to patch this as quickly as they could. I know that companies have a hard time keeping up with Microsoft updates, and they really can't be blamed. I think Hackers are always going to make a virus just because they can. That's in there nature and we will never be really rid of the virus or worm writers. They are in it for the Money, to boast, to take control of, or steal sensitive information. Windows being the Alpha Dog, people are always going to test the waters because of that.

So who do you think is to be blamed?  I'd like to hear your thoughts on this.








Who do you think is to blame for the Downadup Worm?


1) End Users
2) Microsoft who did patch it
3) The person who Wrote this Worm
4) Companies who didn't implement updates
5) No one it is going to happen
6) People who pay the writers of Virus/Worms


View Results


Make your own poll




If you think someone else is to be blamed just make a comment.

Please bear in mind that this poll is not scientific and is provided for information purposes only. The comments expressed on this page are those of a subsection of poll participants, and not necessarily those of Tech-linkblog. Tech-linkblog makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , ,
Friday
Jan162009

How Serious is the Downadup.b/Conflicker Worm?

Author: AuthorPaul Sylvester | Date: DateFriday, January 16, 2009 at 9:42AM |
In there latest post F-secure has updated how many people are infect and I'll quote:
Today's calculation is a total of 8,976,038 infections worldwide and 353,495 unique IP addresses.

That's a quite a big difference compared to our last number — there will be a follow up post coming soon to explain the methodology.

[Via F-secure]

F-secure has noticed it went up from 3,521,230 infections worldwide. This Worm has doubled in over a day.  So I have done some twitter searching to see if anyone has recently tweeted about this and I find this one comment:
[ad#ad2-right]
WTF? suddenly my antivirus is popping with warnings about a W32.Downadup.B ... but I havent received any attachs or installed anything!

[Via Twitter Mklopez]

I'd thought I show you how important it is for you to get ready for a very hard fight ahead of yourselves.  You see this hasn't even begun with this worm.
Here's are some of the tweets:

2 customers, have this conflicker.worm problem and we are trying every possible solution but nothing turned out to be solved

[Via Twitter  Candegger]

@carnal0wnage Hey happy new year, what malware one of my clients just had a large outbreak of the conflicker virus, pretty good virus

[Via twitter MarcoFigueroa]

[ad#ad2-right]This worm doesn't need to be downloaded because it will use exploits that are currently unpatched in the systems .  This worm seems to be spreading by USB sticks and you should really turn that off. If you think you've gotten this virus, please check out my Malware Resources and also some of the other post about this worm:




I hope these resources help you fight that worm and help people get your system back to normal.

Check out my other Posts about Conflicker/Downadup Worm.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , , , ,
Monday
Jan122009

Blasting the Downadup.b/Conflicker back to the Stone-age!

Author: AuthorPaul Sylvester | Date: DateMonday, January 12, 2009 at 5:25PM |
It has been talked about the last few days where there is a worm hitting the computers who haven't done the Microsoft Update MS08-067 which was release out of cycle and still have some systems has not been patched.  It has also been reported that it is spreading around the internet really quickly.   According to Computer World:
[ad#ad2-right]The worm, which was first reported by Panda and other security companies on Dec. 31, 2008, exploits a vulnerability in the Windows Server service that's part of all currently supported versions of Microsoft's operating system, including Windows 2000, XP, Vista, Server 2003 and Server 2008.


[via Computer World]

It seems Microsoft has scolded people who haven't patched for the October emergency update. Accusing users of playing "Russian Roulette"  and scolding them for not promptly updating their system to remove the vulnerability.

Symantec Blogged about this security of this program and how it was a variant of Downadup.b.  It also talks about how they are seeing an even more increase on this worm that was supposed to be patched by people who use Windows 2000 Server.

[ad#ad2-left]F-secure did a post about Downadup/Conflicker and how they took an Preemptive domain block list for this worm.   They have also seen an increase in this worm and they are trying to prevent this worm from gaining ground.   Talking about this being a network worm, in more ways then one.  Some have even seen it being sent through USB drives.   If you have a system you want to protect you should stop autorun.

Here are some links to better help you get this worm off your system:

In order to remove this worm, you must do a complete system scan with any of the free virus scanning programs.  You'll need to update your virus database before you do the scan.  You may even want to try the free virus scanners tha are online to get rid of this worm.   These should help you get rid of this worm, but you must remember to install the update or you will get the worm again.  The MS08-067 Patch should be installed as soon as possible you can find the patch here.
VPN4ALL best privacy&encryption
CommentPost a Comment | in , , , , , , , , , , , , , , , , , , , , , , ,