7 Million Computers Already Infected by Conficker

Security researchers at the Shadowserver Foundation, a volunteer-run organization, logged systems from over 7 Million different IP addresses. These computers were infected by familiar variants of Conficker.

It is noteworthy that security experts have been successful in keeping track of infections made by Conficker. Worms use an algorithm to look for instructions on the Internet; and the experts have been successfully cracking the algorithm. They plant their own "sinkhole" servers on the specific Internet domains programmed to visit.

Reportedly, Conficker adopts several ways to get access to the instructions to control the PCs; however, sinkhole servers help researchers to get a rough idea of number of infected machines.

Experts also told that the worm is quite common in places like China and Brazil. Conficker.C variant of the worm has compromised around 10 Million Window-based systems in 150 nations. The level of infected computers has been estimated at 3 Million in China, 1 Million in Brazil, and 800,000 in Russia. Researchers suspect that around 200,000 systems have been compromised in the United States.

In comparison to a majority of enterprise customers who experienced low levels of infection, there were some environments with casually managed computers who faced significant issues. For instance, hospitals are one of the best known examples of such environments where the compromised systems remain unpatched for longer time periods.

Experts added that despite of its size, criminals who control Conficker rarely use it, which certainly sound somewhat mysterious.

Technology vendors are doing their level best to make it sure that the worm is detected and blocked. It's a massive undertaking that has resulted in astounding statistics, as the industry efficiently locks botnet-controlled domains and searches infected computers.

Finally, security experts said that it is difficult to give the exact number of infected systems. If someone claims to provide the exact numbers, it clearly means that either they had controlled it or are being dishonest to themselves as well as to others on the means of data gathering.

Related article: “Loopholes did not cause online banking thefts”: ICBC

» SPAMfighter News - 11/7/2009