Home About Us Products Support Downloads Resellers Links







 

Latest News
Latest Threats
Trainings
Mailing Lists

 

 

 

 

 

Latest News

Downadup worm continues to spread aggressively

Intelligently crafted malware hard to combat and hiding large threat

 

22-1-2009

 

Last week Inter Engineering sent out an alert regarding the aggressive worm Downadup. We feel obliged to warn the public again that this worm is spreading extremely rapidly and represents a serious threat to organizations.

 

Short resume

Downadup exploits a Microsoft security vulnerability to infect computers. A patch is available since October but observing the increasing amount of infected computers obviously organizations and home users are unable to timely apply this patch. On an infected machine the worm protects itself by multiple means including disabling of the Microsoft Windows Update Service and denying access to a large number of security websites. For it’s further spreading it also uses multiple and impressingly intelligent methods leading to its extremely successful progress. On infected machines the worm is able to download new versions of itself from a large number of changing websites thus making it impossible to fight the worm by trying to close down these websites. It is unknown what these new versions may be capable of and they will obviously be used for criminal activities. Finally cleaning infected machines and networks is a difficult task requiring skills.

 

Inter Engineering once more emphasizes the risk of this worm and advises all system administrators in organizations and home users for themselves to not underestimate the threat involved.

 

“We are receiving an increasing number of calls at our support center”, comments Inter Engineering’s Josmaarten Swinkels. “This incident once more shows that it is quite common that security patches are being applied too late and adequate security policies are not efficiently applied. We urgently advise all computer using parties to make sure the Microsoft patch is in place, check that they are not infected and update and apply their security measures. These can be difficult tasks and of course need to be continued consistently in order to be protected from future threats. Tools are available to facilitate and achieve these goals and of course we advise the use of them.”

 

The tasks which need to be executed are mentioned in Inter Engineering’s threat alert of 14 January. Inter Engineering also provides the necessary tools and technical support for disinfection, efficient application of the patch, avoidance of spreading through peripheral control and updating security policies.

 

For more information, contact Inter Engineering

 

 

To contact us:   Inter Engineering

                        Negreponti 5

                        413 35 Larissa, Greece

                        Tel. +30.2410.670030

                        Fax. +30.2410.670006

                        Email: info@inter-datasecurity.com

                        www.inter-datasecurity.com