Viruses & Malware

More than 700 computers at the University of Utah have been infected with the Conficker worm.
The hit includes computers at the university's three hospitals, the Associated Press reported early Sunday.

University spokesman Chris Nelson said the outbreak was detected Thursday, the AP reported. By the next day, the worm had struck at the hospitals, medical school, and the nursing, pharmacy, and health colleges.

Patient records have not been touched, Nelson said. IT cut off Net access for up to six hours on Friday in order to isolate the virus, the AP reported.

The Conficker worm, believed to have burrowed into millions of computers around the world, has sent an encrypted data message to infected machines, according to a computer security firm. Trend Micro said the purpose of the mysterious update, sent to other infected machines using peer-to-peer (P2P) file transfer software, was not immediately clear.

Ivan Macalintal, a Trend Micro advanced threats researcher, said Conficker began showing activity on Tuesday, nearly a week after the expected April 1 activation date that had computer security experts on alert around the world.

An old, but little-known worm has copied some of the infection strategies of Conficker, the worm that raised a ruckus last week, Microsoft security researchers said late Friday.

Neeris, which harks to May 2005, is now exploiting the same Windows bug that Conficker put to good use, and is spreading through flash drives, another Conficker characteristic, said Ziv Mador and Aaron Putnam, researchers with the Microsoft Malware Protection Center.

Tibet's government-in-exile denounced a cyber-spy network last week for hacking into the organization's computers, while a scholar said the sophisticated operation may have helped identify those inside Tibet who speak to exile groups.

The exiled Tibetans were commenting on reports by a Canadian research group that the network, based mainly in China, hacked into classified documents from government and private organizations in 103 countries, including the computers of the Dalai Lama and Tibetan exiles.

There have been no major outbreaks of computer viruses among smartphones because no smartphone operating system is popular enough to let a virus to spread effectively — yet, a new study suggests.

The data also predict that once a single smartphone operating system gains a critical percentage of the entire mobile phone market, viruses could start to pose "a serious threat" to mobile communications, said the study released Thursday in Science Express.

April 1 has come and gone and in the minds of many people the Conficker worm turned out to be a joke instead of the major Internet security event that might have been envisioned. Was the hype good, or bad, and who is to blame?

"I'm not sure what to think," said Bruce Schneier, chief security technology officer at BT, who is usually critical or pessimistic. "In a sense, the whole Conficker thing just puts a name on a general problem."

IT security and control firm Sophos has discovered that hackers have successfully infected the Far Polo L1 geo-stationary satellite with a virus known as W32/Cowen.

It is thought that a non-Irish space agency was engaged to host the W32/Cowen virus in orbit. Its communications satellite is now embedding subliminal images related to Fianna Fail into popular television programs such as "The Simpsons", "Friends" and even an Enda Kenny interview with Ursula Halligan's "Political Party" on TV3.

As you probably know by now, the Conficker worm is rampaging through computer networks like a debutante through daddy's liquor cabinet. Scheduled to wreak havoc on April 1, it has proven true to its timetable. The Washington Post's Brian Krebs reports that Conficker has broken London's Big Ben, restored Iceland's bankrupt economy, and nearly caused a nuclear missile launch in Alaska.

As CBS's 60 Minutes news show calmly noted a few days ago:

A virus that experts believe has wormed its way into millions of computers could choose today to attack. The Conficker virus, which is thought to have infected up to 15million computers since last autumn, has so far lurked harmlessly - but it is said to be programmed to change the way it operates today.

Researchers and network-scanning companies scrambled over the weekend to add a technique for detecting Conficker-infected computers, after two members of the Honeynet Project discovered a way to detect machines compromised with the widespread worm.