Downadup infection numbers

Downadup infection numbers

Summary: Estimates vary wildly as to how many PCs have been infected by Downadup, the virulent computer worm also known as Conficker and Kido. The Telegraph puts the number at over 15 million, while security company F-Secure told ZDNet UK on Thursday that the number of infected IP addresses was between one and two million.

SHARE:
TOPICS: Security
2

Estimates vary wildly as to how many PCs have been infected by Downadup, the virulent computer worm also known as Conficker and Kido. The Telegraph puts the number at over 15 million, while security company F-Secure told ZDNet UK on Thursday that the number of infected IP addresses was between one and two million.

Of course, one infected IP address could indicate one infected machine, or a whole network, if the network is being served by a proxy.

The problem with gauging the scale of, well, the problem, is compounded by different security vendors not having an overall view of global computing. F-Secure has in-depth knowledge of F-Secure customers and their systems, plus whatever malware is hitting its honeypots, Symantec has in-depth knowledge of Symantec customers and their systems, plus whatever is hitting its honeypots, etc, etc. However, none of them has a truly overarching view of all of the malware floating about on all of the internet.

This leads to different estimates of the scale of the problem in different countries. According to F-Secure, China accounts for 15 percent of the systems infected by Downadup globally, while according to Symantec the figure is almost twice that, at 28.7 percent.

Then there is the problem of disinfection and re-infection -- that is alone is going to make any estimate a straw poll, even if you ignore the problem with IP addresses and views limited by customer numbers and distribution.

So what's a poor IT professional to do? Well, patch any systems with the MS08-067 patch, for a start. And take press reports about the scale of infection as rules of thumb, with a pinch of salt, and any other cliches you like.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Downadup infection numbers

    i had this worm end of last year on 2 computers how i new i was infected both of them i could not update in anyway with microsoft as it would shut done the computer and start it up again same with virus softwear would keep starting and if you went to go into safe mode it would do the same on both machine the machines were slowed to the of crashing and i replaced the harddrive and it was still their it evan deisabled the harddrive i then realized it must be on the motherboard bios our on memory on the motherboard the network i took out buy this stage but it is only the beging of this virus as i think alot of home and networks and buisness are going to be down with this worm it not good is very good ai and is one step ahead off you thats my expereance of it thank you bri147
    bri147
  • Downadup infection numbers

    There is a tool to check for Downadup/Cornflicker infection (on Windows computers) at this site. However the site is down just now, overwhelmed perhaps.

    http://www.bdtools.net

    Worth a try. I'm clean!
    The Former Moley