Worst computer virus in six years

8 posts / 0 new
Last post
M. Spector M. Spector's picture
Worst computer virus in six years

Quote:
A new digital plague has hit the Internet, infecting millions of personal and business computers in what seems to be the first step of a multistage attack. The world’s leading computer security experts do not yet know who programmed the infection, or what the next stage will be.

In recent weeks a worm, a malicious software program, has swept through corporate, educational and public computer networks around the world. Known as Conficker or Downadup, it is spread by a recently discovered Microsoft Windows vulnerability, by guessing network passwords and by hand-carried consumer gadgets like USB keys.

Experts say it is the worst infection since the Slammer worm exploded through the Internet in January 2003, and it may have infected as many as nine million personal computers around the world.

[url=NYT[/url]">http://www.nytimes.com/2009/01/23/technology/internet/23worm.html][color...

NorthReport

How do we know if are being attacked by this particular worm?

 

For the last couple of days I have been getting firewall alerts every few hours about intrusion attempts detected: Suspected Downadup worm infection attempt.

When I check the details it says: Remote address:   24.81.102.232

 

WTF does this mean?

Or perhaps more importantly how do I lose it as it is persistent.

Sven Sven's picture

NorthReport wrote:

How do we know if are being attacked by this particular worm?

There is only one known foolproof test, and I will demonstrate it for you.

I'm going to type a nine-character word that is composed of nine unique characters (no characters being used more than once).  If that nine-character word appears on your screen as a word composed of only one character repeated nine times, then you have the virus.

Follow me so far?

Okay, are you ready?

Here's the word: XXXXXXXXX 

_______________________________________

Eleutherophobics of the World...Unite!!!

NorthReport

Sven wrote:
NorthReport wrote:

How do we know if are being attacked by this particular worm?

There is only one known foolproof test, and I will demonstrate it for you.

I'm going to type a nine-character word that is composed of nine unique characters (no characters being used more than once).  If that nine-character word appears on your screen as a word composed of only one character repeated nine times, then you have the virus.

Follow me so far?

Okay, are you ready?

Here's the word: XXXXXXXXXX 

_______________________________________

Eleutherophobics of the World...Unite!!!

 

It came out as a word composed of only one character repeated 10 times, so I guess my computer is safe.

Whew!

Sven Sven's picture

NorthReport wrote:
Sven wrote:
NorthReport wrote:

How do we know if are being attacked by this particular worm?

There is only one known foolproof test, and I will demonstrate it for you.

I'm going to type a nine-character word that is composed of nine unique characters (no characters being used more than once).  If that nine-character word appears on your screen as a word composed of only one character repeated nine times, then you have the virus.

Follow me so far?

Okay, are you ready?

Here's the word: XXXXXXXXXX 

_______________________________________

Eleutherophobics of the World...Unite!!!

 

It came out as a word composed of only one character repeated 10 times, so I guess my computer is safe.

Whew!

Was it ten Y's or ten X's?  If the former, it means you're going to win a one million dollar lottery (even if you don't buy a ticket!!!) but, if it's the latter, well...

...run for your life!!!  Your computer is about to blow sky high in about fifteen seconds!!! 

_______________________________________

Eleutherophobics of the World...Unite!!!

Brian White

Thats where the savings went.  They already stole all the bank passwords and took all the money. And now the banks are broke.

Nobody wants to say this because people would be madder than if they call it a "global financial crisis". 

Refuge Refuge's picture

NorthReport wrote:

For the last couple of days I have been getting firewall alerts every few hours about intrusion attempts detected: Suspected Downadup worm infection attempt.

When I check the details it says: Remote address:   24.81.102.232

WTF does this mean?

Or perhaps more importantly how do I lose it as it is persistent.

Little off topic but I did a whois lookup on the IP address and found [url=this[/url]:">http://whois.domaintools.com/24.81.102.232]this[/url]:

OrgName:    Shaw Communications Inc. 
OrgID:      SHAWC
Address:    Suite 800
Address:    630 - 3rd Ave. SW
City:       Calgary
StateProv:  AB
PostalCode: T2P-4L4
Country:    CA

That is probably the offenders internet provider if you want to lodge a complaint against them with Shaw

NDPP

Ransomware Virus 'Wanna Cry' Plagues 100k Computers Across 99 Countries

https://youtu.be/96nIZUc7JVE

Leaked NSA Exploit Blamed For Global Ransomware Cyberattack

https://www.rt.com/usa/388187-leaked-nsa-exploit-ransom

"A zero-day vulnerability tool, covertly exploited by US intelligence agencies and exposed by the Shadow-Brokers hacking group has been blamed for the massive spread of malware that infected tens of thousands of computer systems globally."

Mass Cyberattack Strikes Computer Systems Worldwide: UPDATES
https://www.rt.com/news/388165-mass-cyberattack-strikes-globally/