PC Virus Infects Network of Tucson Schools
According to security experts, the IT department of Tucson Unified School District is fighting to eliminate a sample of the Conficker worm that has affected the district's approximately 5,000 computers.
The information technology department of the district together with the engineers of Microsoft collectively worked to remove the virus.
Nevertheless, the engineers believe that the contaminated computers were outdated that failed all security patches to fix the virus.
The experts state that Conficker is capable of infecting a PC and disseminates itself to other networked PCs automatically i.e. without any user participation. Thus, in the current instance, the virus infected servers as well as desktop PCs all over the district.
The experts, describing the virus even further, stated that the virus disseminated fast to PCs via a vulnerability in the Windows operating system. Thereafter, the contaminated computers were added to a network of other compromised PCs called 'botnet,' which hackers commanded and controlled to unleash unexpected Internet attacks.
In fact, the botnet could be utilized for unleashing Distributed Denial-of-Service (DDoS) attacks or as a medium for significant spam campaigns and financial frauds.
The experts also elucidated that there was an extraordinary resilience as Conficker was featured with in-built mechanisms that stopped antivirus software from scanning systems.
Even if computers were sanitized and started afresh after keeping a back up of their content on some handy hard drives, then the same PCs would become infected again once the hard drives were attached to them.
With the media hype for Conficker currently dying out, the botnet controllers seem to be relaxing, but they have by now dispatched malware to infected systems to pull them into the botnet for spamming operations.
As of September 21, 2009 afternoon, it was not possible to repair about 5,000 computers because of their age. Consequently, the district would've to build their hard drives afresh.
Students and staff have been cautioned against plugging flash drives to the computers, visiting vulnerable websites, and operating PCs to connect to the affected computer network.
» SPAMfighter News - 13-10-2009