
Downadup

Six months after the initial Downadup outbreak, the number of infected systems is still growing, while the media speculates about a possible collapse of compromised computers around the world on April Fools' Day

Downadup (a.k.a. Conficker or Kido) is not the cleverest e-threat ever. It is just a very well-written piece of malware, highly aggressive and resistant. The worm has not done the damage other worms have done, but it has great potential, especially because it can update itself in a smart manner.

The alleged “Internet Apocalypse” is nothing more than speculation. So far, code analysis of the different Downadup variants has revealed no evidence in this respect. The only sure thing by now, other than its high rate of infections, is that the worm was crafted for deploying rogue security software on the compromised machines.

The rumors that the media amplified are based on a misunderstanding of an enhanced feature in the latest variant. Initial Downadup versions connected to a limited number of domains in order to update. The current enhancement is the generation of 50,000 random domains and the selection of 500 of them, to which the worm attempts to connect at random for the same update purposes, starting April 1st (see full description).
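A defender-side sketch of how that update behaviour can show up in resolver logs, added here as an example and not taken from BitDefender's analysis or tools: it flags any client that looks up many distinct names in one day with almost all of them failing to resolve. The log format, the `.example` names, the one-day window, the thresholds and the premise that most generated names are unregistered and answer NXDOMAIN are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample resolver log: "date client_ip queried_name rcode".
# The format and every value below are made up for this example.
def build_sample_log():
    lines = []
    # Host A: 120 one-off lookups of unrelated names, all but one failing.
    for i in range(120):
        rcode = "NOERROR" if i == 57 else "NXDOMAIN"
        lines.append(f"2009-04-01 10.0.0.23 name{i:05d}.example {rcode}")
    # Host B: ordinary browsing, a handful of names queried repeatedly.
    for i in range(120):
        lines.append(f"2009-04-01 10.0.0.40 site{i % 6}.example NOERROR")
    # Host B also mistypes one name a few times.
    lines += ["2009-04-01 10.0.0.40 tpyo.example NXDOMAIN"] * 3
    return lines

def flag_hosts(lines, min_failed_names=100, min_fail_ratio=0.9):
    """Return {(day, client): (distinct_names, distinct_failed_names)} for
    clients whose distinct lookups in one day are numerous and mostly fail.
    Both thresholds are assumed values; tune them against a local baseline."""
    seen = defaultdict(set)    # (day, client) -> every distinct name queried
    failed = defaultdict(set)  # (day, client) -> names answered NXDOMAIN
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        day, client, name, rcode = parts
        key = (day, client)
        name = name.lower().rstrip(".")  # normalise case and trailing dot
        seen[key].add(name)
        if rcode == "NXDOMAIN":
            failed[key].add(name)
    hits = {}
    for key, names in seen.items():
        n_failed = len(failed[key])
        # Counting distinct names keeps a single retried typo from matching.
        if n_failed >= min_failed_names and n_failed / len(names) >= min_fail_ratio:
            hits[key] = (len(names), n_failed)
    return hits

if __name__ == "__main__":
    for (day, client), (total, bad) in flag_hosts(build_sample_log()).items():
        print(f"{day} {client}: {bad} of {total} distinct names failed to resolve")
```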

 

Still, the number of Downadup-infected machines around the globe probably already equals the population of Belgium or the Netherlands, while Q1 infection rates reveal absolutely alarming figures, as you can see below.

| Top 10 Most Infected Countries | Infection growth in Feb compared to Jan (%) |
|---|---|
| Australia | 311.62 |
| China | 287.98 |
| Indonesia | 256.58 |
| Spain | 222.73 |
| Philippines | 220.32 |
| India | 214.47 |
| Thailand | 209.08 |
| Malaysia | 183.67 |
| Italy | 137.08 |
| France | 126.51 |

| Top 10 Most Infected Countries | Infection growth in Mar compared to Jan (%) |
|---|---|
| China | 683.71 |
| Australia | 473.99 |
| Indonesia | 339.96 |
| India | 316.71 |
| Spain | 280.81 |
| Philippines | 264.00 |
| Thailand | 199.11 |
| Malaysia | 193.19 |
| France | 164.30 |
| Italy | 116.37 |

| Top 10 Most Infected Countries | Infection growth in Mar compared to Feb (%) |
|---|---|
| China | 237.42 |
| Australia | 152.11 |
| India | 147.67 |
| Indonesia | 132.50 |
| France | 129.88 |
| Spain | 126.08 |
| Philippines | 119.83 |
| Malaysia | 105.18 |
| Thailand | 95.23 |
| Italy | 84.89 |

There is only one point here: Downadup is not a toy or an
April Fools’ Day joke. It is important that you patch your OS with the latest
updates, while also installing and activating a reliable proactive security
suite. Remember to scan everything and to trust nobody!

Better safe than sorry!

P.S.: If your system has been infected, there is still hope. Check http://www.bdtools.net/, download the Downadup Removal Tool, follow the instructions and clean your system. Ideally, once you have eliminated Downadup from your machine, you should patch your OS with the latest updates, then install and activate an antimalware suite.

About the author

Răzvan LIVINTZ
