The latest attack is a worm called Downandup, Downadup, Kido!, or Conficker (all the same thing), and it primarily seems to be being delivered via infected USB drives.
How's it work? By tricking you into running the virus by modifying the way "autorun" works when you plug in a drive. Look closely at the screenshot above and you'll see two entries for "Open folder to view files." The one at the top is a phony entry that actually installs the virus on your machine... but of course it's the default selection that pops up when you plug in a drive. Once installed, the virus spreads like crazy via a separate flaw in Windows networking system (now patched, so be sure to run Windows Update if you haven't lately) and can quickly infect a whole office. F-Secure has more analysis on the clever way it tricks you into installing the malware yourself.
How bad has it gotten? Estimates range from 3.5 million infected in the first four days after it bean spreading to 9 million impacted... and gettng worse. By now I figure the numbers could top 15 or 20 million.
Your best strategy for avoiding Downandup? Turn off AutoPlay/AutoRun on your computer (with Windows XP, TweakUI is the easiest way to do it). If you do see an AutoPlay dialog box like the one above, just close it and eject the disc or thumbdrive; browsing the drive manually for individual files should keep you uninfected, but you're best off not using the drive at all. Has this happened to you? I would love to hear from you, or call the show at 512.390.5947 when we're on later today from 3-7pm. Thanks for listening! Carey
Subscribe to:
Post Comments (Atom)
2 comments:
Thank you for the information. You will save tons of data and many headaches! Love you guys, keep up the good work.
Dee
Thanks Dee! So glad you listen to us!
Carey
Post a Comment