worms

Report: Conficker worm bites University of Utah

More than 700 computers at the University of Utah have been infected with the Conficker worm.

The hit includes computers at the university's three hospitals, the Associated Press reported early Sunday.

University spokesman Chris Nelson said the outbreak was detected Thursday, the AP reported. By the next day, the worm had struck at the hospitals, medical school, and the nursing, pharmacy, and health colleges.

Patient records have not been touched, Nelson said. IT cut off Net access for up to six hours on Friday in order to isolate the virus, the AP reported.

Windows users brace for Conficker's wiggle

roundup The Conficker worm is keeping security experts on their toes, trying to scope out exactly how and when it might strike.

Report: Conficker worm bites University of Utah More than 700 computers at the University of Utah, including those at its three hospitals, have been infected with the worm. (Posted in Security by Natalie Weinstein) April 12, 2009 7:04 AM PDT

Conficker also installs fake antivirus software In addition to dropping a mystery payload on infected machines, the Conficker worm installs software that tries to dupe people into paying nearly $50 for fake antivirus software. (Posted in Security by Elinor Mills) April 10, 2009 4:00 PM PDT

Researchers say Conficker is all about the money Conficker's ties to a large spamming and password-stealing botnet give credence to the speculation that money, and possibly malicious Eastern European hackers, are behind the latest Internet worm infection. (Posted in Security by Elinor Mills) April 9, 2009 11:43 AM PDT

Conficker wakes up, updates via P2P, drops payload Conficker is updating itself on infected computers via peer-to-peer technology and is programmed to stop running on May 3, Trend Micro researchers say. • Podcast: Conficker using P2P to spread payload (Posted in Security by Elinor Mills) April 8, 2009 3:27 PM PDT

Eye chart can help diagnose Conficker April Fools' Day passed with much angst over and little action from the Conficker worm, but that doesn't mean it's not a threat. Quickly determine if you're infected with this "eye chart." (Posted in The Download Blog by Seth Rosenblatt) April 3, 2009 5:36 PM PDT

All quiet on the Conficker front. Now what? Just because Conficker was quiet doesn't mean it won't act in the future, turning unsuspecting PCs into spam-sending drones or stealthily stealing passwords from people, experts say. (Posted in Security by Elinor Mills) April 1, 2009 8:05 AM PDT

Countdown to Conficker--a bust so far Researchers say the worm is awake on computers in Asia where it's already April 1, but so far it hasn't taken much action. We'll keep you updated here. (Posted in Security by Elinor Mills) April 1, 2009 6:35 AM PDT

Podcast: Worm 'phoning home' but getting no answer Security watchers at McAfee say that Conficker is trying to communicate with master computers but isn't getting through. (Posted in Larry Magid at Large by Larry Magid) April 1, 2009 5:21 AM PDT

Conficker flaw reveals which computers are infected Researchers find flaw in Conficker that lets them detect which computers have the legitimate Microsoft patch and which were "patched" by the worm itself. • Conficker demonstrates complexity of IT security (Posted in Security by Elinor Mills) March 30, 2009 1:54 p.m. PDT

Podcast: Conficker worm dissected David Perry, education director of Internet security company Trend Micro, discusses the implications of the worm.(Posted in Larry Magid at Large by Larry Magid) March 30, 2009 11:04 p.m. PDT

Conficker worm might originate in China A Vietnamese security firm concludes that the Conficker worm has the same root as the Nimda, which the firm believes originated in China. • Malware probes find a China angle (Posted in Security by Dong Ngo) March 29, 2009 7:30 p.m. PDT

'60 Minutes': What's next for the Conficker worm? A report on the CBS News television news program examines one of the Internet's most dangerous computer worms. (Posted in Security by CBS Interactive staff) March 29, 2009 7:00 p.m. PDT

FAQ: Conficker time bomb ticks, but don't expect boom Worm's latest variant is set to start hitting random domains on April 1. But security experts say the damage might not be as serious as the hype suggests. • U.K. parliament computers get Confickered (Posted in Security by Elinor Mills) March 25, 2009 5:10 p.m. PDT

Watch CBS Videos OnlineRead more

Worm infiltrates Twitter

A worm apparently infected Twitter on Saturday.

The worm may originate with the StalkDaily.com site, and Twitter warned people against visiting the site or linking to it.

"If you have been locked out of your acct due to the StalkDaily issue, pls do a p/w reset; we may have reset your p/w for safety," Twitter informed its users on Saturday afternoon.

Details about the worm itself were scarce, but the micro-blogging site was awash in the news by Saturday night. "StalkDaily Worm Runs," "#stalksdaily," and "Twitter hit by" were … Read more

Conficker also installs fake antivirus software

Researchers have discovered another feature of the Conficker worm that provides an additional clue about the intent of the creators--the worm installs malware that masquerades as antivirus software, Trend Micro said on Friday.

The worm, which has infected millions of Windows-based computers on the Internet, is downloading a program called Spyware Protect 2009 and displaying warning messages saying that the computer is infected and offering to clean it up for $49.95, according to the Trend Micro blog.

The infection alerts repeatedly appear and experts are worried that people may be clicking on them and paying for the software just … Read more

Podcast: Conficker using P2P to spread payload

As CNET News has been reporting, researchers at Trend Micro have discovered that the Conficker worm, which did basically nothing on April 1, is now updating itself by using a peer-to-peer network between infected Windows PCs to pass on payload instructions.

Because the worm's instructions are encrypted, as of 7:20 p.m. PDT Wednesday night, researchers were still unable to determine the nature of the payload, according to Trend Micro education director David Perry.

Still , in this audio podcast, Perry had plenty of information about how the worm is finally passing on instructions to infected PCs.

InchWorm shoes that grow on you

Here's a stretch of an idea--shoes that grow with the child.

U.K.-based Fat Shoes Day--while not exactly a politically correct shop name--may just have a shoo-in with its InchWorm trainers. Taking a cue from expandable luggage bags and my favorite Tupperware collapsible FlatOut containers, these kiddie shoes utilize a technology called (in a nod to Apple) iFit.

The middle segment works like an accordion that can be extended with a button release. The result: a pair of shoes that will grow with the little tyke, in two half-size increments up to three sizes. How cool is … Read more

Viruses with trigger dates

Conficker, which was set to activate on April 1 but failed to cause any problems, isn't the first virus to be programmed to take action on a certain date or time. Experts believe that worms with a trigger date can lead to panic and hype. Here are some others:

Jerusalem One of the first known viruses, dubbed Jerusalem, was first detected in the Israeli city in October 1987 and targeted at DOS systems. It was programmed to delete programs on Friday 13th, except in the year 1987.

Michelangelo The Michelangelo virus, first discovered in 1991, was triggered to launch … Read more

Conficker postmortem: Hype distracted but threat is real

April 1 has come and gone and in the minds of many people the Conficker worm turned out to be a joke instead of the major Internet security event that might have been envisioned. Was the hype good, or bad, and who is to blame?

"I'm not sure what to think," said Bruce Schneier, chief security technology officer at BT, who is usually critical or pessimistic. "In a sense, the whole Conficker thing just puts a name on a general problem."

The problem is that there are tons of malicious programs and attacks out there … Read more

All quiet on the Conficker front. Now what?

As expected, the Conficker worm failed to cause the digital pandemonium that some may have feared.

So, can we all just go back to playing on Facebook and watching the game now?

Not really. Just because the worm failed to create much of a stir on the day it was set to activate, April 1, doesn't mean it won't wake up and act later.

"The (malicious) hackers can tell their worm to do something any day of the year; they're just as likely to do it tomorrow or next Wednesday or in August," said Graham … Read more

Countdown to Conficker--a bust so far

This post will be updated continually to track activity on the Conficker worm, the latest variant of which had been expected to hit the Internet on April 1. For more background on Conficker, click here or read below.

April 1, 6:35 a.m. PDT: McAfee says its Avert Labs is seeing Conficker-infected hosts attempting to call their "master" to get instructions, but those calls are not getting through. "This could be deliberate and the infected hosts may try again later, perhaps over the weekend when people aren't watching as closely," McAfee spokesman Joris Evers … Read more