SECURITYSoftware and security companies join forces as Conficker continues to spreadIn an unprecedented international move, several Internet, antivirus and security-relatedorganizations around the world have united to fight the Conficker/Downadup outbreak that isalready being described as one of the worst worm outbreaks in history. The key players inthe alliance are Microsoft, ICANN (the Internet Corporation for Assigned Names and Numbers,which administers the world's top-level domain names and IP address allocation), and othercorporations including VeriSign, AOL, Symantec, F-Secure, Arbor Networks, the Shadowserver Foundation, Georgia Tech, and several DNS registrars. By sharing predictionsof which domains the worm will try to contact, the companies hope to be able to cut off itssource of updates and instructions. In addition, Microsoft has announced areward of US$ 250,000 for any information that results in the arrest and conviction ofthose responsible for spreading the code, which the corporation has labeled a criminalattack. The reward is applicable to anyone around the world, since the worm has affectedInternet users around the world.
OpenDNS and Kaspersky:
Another alliance aimed at combating Confickr was announced by OpenDNS and Kaspersky, whobelieve that system administrators need to be more aware about how malware isspreading on their networks. OpenDNS is a web infrastructure service that processes andcan optimize and filter web requests from individual computers or large corporations.Using the same pseudo-random strings to predict the domain names that the worm willtry to contact, the companies can attempt to block the worm from contacting its creatorsand spreading. Network administrators will also be alerted about machines on theirnetworks which have become infected and have started contacting these domains.
About Conficker:
The worm, also known as Downadup and Kido, has already infected over50 million PCs worldwide, with over 1.1 million new infections detected in a single day inJanuary by security vendor F-Secure. The original Conficker.A worm and its more virulentvariant Conficker.B, spread through a critical vulnerability in Microsoft Windows that affectsserver services, now known as MS08-067. Iinfected computers contact 250 pseudorandomlygenerated domain names each day to check for updates and to download updatesto itself. The attackers who spread the code know how the pseudo-random name generatorworks, and can register any domain name in anticipation of a day on which infected PCs willtry to contact it.Infected machines are unable to access the websites of most antivirus and securityvendors, and cannot download updates for their security software. Windows Update isalso blocked. The worm then attempts to modify system files and the Windows registryin order to propagate and ensure its components are running on each boot, beforecreating autorun.inf files in every shared folder and removable device.The worm spreads through removable media by exploiting the Windows Autorunfeature, and can also propagate across a local network by probing network shares andgenerating random IP addresses in the same range as the host, along with trying brute-forcepassword cracks using a set of extremely common and weak passwords, which has theside effect of locking users out of their own PCs after multiple failed attempts.Despite Microsoft releasing an unscheduled emergency patch for the vulnerability, itcontinues to infect millions of PCs. Symantec statistics show that the majority of infectionsare on Windows XP SP2/SP3 computers, but a huge percentage are on computers running XPSP1 or lower. These machines are almost certainly not using Windows Update, and aretherefore unpatched.
Bluetooth over Wi-Fi brings huge speed boosts
3G POLYMERS
CROMA
HAMRA