Panda Security study reveals scale of security crisis
The number of computers infected by the Conficker worm continues to surge, according to data provided by Panda Security, the global IT security vendor. A study carried out by Panda’s malware detection laboratory revealed that almost 6 percent (5.77%) of computers worldwide are infected by this worm.
The study, involving almost 2 million computers, show that the infection, which originated in China, has now extended across 83 countries, and is particularly virulent in Spain, the USA, Taiwan, Brazil and Mexico. In Spain, Panda has identified more than 36,000 infected computers, although the real figure could be much higher.
“Of the 2 million computers analyzed, around 115,000 were infected with this malware, a phenomenon we haven’t seen since the times of the great epidemics of Kournikova or Blaster”, says Jeremy Matthews, the head of Panda Security’s sub-Saharan operations. “This is no doubt an epidemic and the worst may still be to come, as the worm could begin to download more malware onto computers or to spread through other channels.”
Panda’s researchers have also turned up new data on this dangerous worm. Some variants are launching brute force attacks to extract passwords from infected computers and from internal networks in companies. The frequency of weak passwords (common words, own names, etc.) has aided the distribution of this worm. By harvesting these passwords, cyber-crooks can access computers and use them maliciously.
“This highlights the need for users to establish strong passwords both on personal computers and corporate networks as, otherwise, an infection could spread across an entire company leaving computers at the mercy of attackers,” says Matthews.
This worm also uses an innovative system of social engineering to spread via USB devices: in the Windows options menu that appears when inserting a USB device, it has disguised the option to run the program (activating the malware) as the option to open the folder to see the files – so that when users simply want to see the contents of a memory stick, they will actually be running the worm and infecting their computers.
You will find more information about this and other malware in the PandaLabs blog.