Akamai: Conficker worm is still spreading

In the third quarter of 2009, many variants of the Conficker worm remained active, spreading and taking up a large number of Internet attacks, Akamai Technologies said.

On January 14, 2010, in the third quarter Internet Status report, Akamai said, although media propaganda has decreased compared to the boom in the second quarter of 2009, the Conficker worm and many variations Its still active, finding new systems to infect.

In the third quarter of 2009, 78% of Internet attacks that Akamai followed were targeted at port 445 (68% in the second quarter of 2009). Port 445 (used by Microsoft Directory Services) is targeted by the Conficker worm to exploit the buffer overflow vulnerability in Windows and infect the destination computer.

The majority of attacks came from the following four countries: Russia (13%), Brazil (8.6%), the US (6.9%), and China (6.5%). Although Microsoft has released a patch from the first Conficker versions, security experts say that it is still " dirty " because there are many computers running a copy of Windows without copyright. patch.

Citing figures from the Conficker Working Group, Akamai said that the number of Conficker.A, Conficker.B infected computers worldwide increased in the third quarter of 2009 while the number of Conficker.C infected computers decreased.

However, recent data show that the number of Conficker.A, Conficker.B infected computers has dropped from 6.7 million (in October 2009) to about 6.3 million. The number of Conficker.C infected computers decreased from 400,000 (in October 2009) to 280,000.