Expert: Worm spreading in many ways becoming an epidemic

The worm known as Kido, aka Conficker or Downadup, evolves to spread via removable devices and other means besides just exploiting a Windows vulnerability.

by Elinor Mills

January 15, 2009 2:03 PM PST Follow @elinormills

A worm that spreads via removable devices, network shares, and weak administrator passwords--in addition to exploiting a critical Windows vulnerability--is spreading so fast it is becoming an epidemic, a security researcher said on Thursday.

The worm, known as Kido, Conficker, or Downadup, initially exploited MS08-067, a vulnerability considered critical for Windows 2000, XP, and Server 2003. It was patched in October.

Newer variants have been configured to give the worm the ability to infect via other means to get onto the network, said Roel Schouwenberg, a senior antivirus researcher at Kaspersky Lab.

"The Kido authors are trying to get into these networks by infected removable devices and by using other Trojans to install Kido on a computer, which will then try to infect other machines on the local network," he said in an e-mail statement. The worm "is currently causing an epidemic."

An estimated 3.5 million computers are believed to be infected with the worm, ZDNet reports.

Politics

Obama toasts his German hosts

Toasting his German hosts in Berlin, President Obama said, "We are proud to join with millions of men and women throughout the world who hold the cause of freedom sacred."

Play Video