Conficker Infects 7 Million Systems in a Year

The Shadowserver Foundation reported that it has discovered 7 million unique IP addresses infected by Conficker and its variants. Tracking of the attack was accomplished by cracking the algorithm that the worm uses to find instructions on the Internet.

Tips for Avoiding Malware on Social Networks Include More than Common Sense

Amid all the malware on Facebook, Twitter, Bit.ly and other social networks and microblogs, there are some new tips and strategies on how to avoid being hijacked. The article describes a number of methods, including hijacking Twitter trending topics and taking total control of legitimate Twitter accounts to spread malware links. Advice points to being skeptical of links, even from friends, and being careful with shortened URLs (a great place to hide malicious links). Even though Twitter and Bit.ly are using Google’s Safe Browsing API, some malware continues to work. Read the full article. [ReadWriteWeb]


Microsoft Corp. pours more money into software security than any other
major vendor both because it has to and because it can. Yet for all the
investments in security, the number of vulnerabilities discovered in
the company’s products has increased over the years, prompting
questions over whether the company has reached the limits of its
ability to debug software. 

There are reports of phony FDIC notification e-mails tricking computer users into installing the ZBot identity-theft Trojan. The e-mails
tell the recipients that their banks have filed for bankruptcy and that
the banks’ assets are now under the control of the FDIC. The links
offered in the message lead to a page that offers users a chance to see
their “personal FDIC insurance file(s),” but which actually installs
the Zeus or ZBot Trojan on their PCs. See the FDIC warning [fdic.gov]

Independent Sen. Joe Lieberman of Connecticut is set to propose a bill that would make the lead security post for the U.S. government a Presidential nominee approved by the Senate and accountable to Congress. This is in sharp contrast to the proposed hierarchy laid out by the ranking Republican leader of the Homeland Security panel, Senator Susan Collins of Maine, who views the position as residing in the DHS, said Ed O’Keefe on his Federal Eye blog. Read the full story [Washington Post]

Microsoft today released its biannual Security Intelligence Report
which demonstrates some surprising conclusions about how the threat
landscape is impacting enterprise networks. For example, the number of
rogue security software infections, which experienced a high-profile
scourge earlier this year, was down, as was the number of Trojan and
downloader infections. Computer worm infections, on the other hand,
surged upward. Read the full story [SearchSecurity.com].

Gumblar, the nasty bit of malware that was part of a mass SQL injection on legitimate Web sites this spring, is continuing to spread and its creators have been busy lately, compromising hundreds of new sites, leading to a massive new wave of infections of end-user PCs.
