What is DownAd
DownAd is a Worm. A deadly worm, which is causing nightmares to the security experts and spreading very fast these days.
And the magnitude of the infection is big. An estimate suggests that more than 8 million users are already infected with DownAd. Initially thought to be working in conjunction with a NETWORM variant, WORM_DOWNAD.A is now believed to be an updated version of an attack from the same criminal botnet gang.
How does DownAd Operate
They could build a large botnet for example. The framework is in place. Normally malware uses only one or maybe a handful of websites. Such sites are generally easy to locate and shut down.
Then there is Downadup. It uses a complicated algorithm which changes daily and is based on timestamps from public websites such as Google.com and Baidu.com. With this algorithm, the worm generates many domain names every day.
of names such as: , , , , and .
This makes it impossible and/or impractical for us good guys to shut them all down — most of them are never registered in the first place. However, the bad guys only need to predetermine possible domain for tomorrow, register it, and set up a website — and they then gain access to all of the infected machines. Pretty clever.
The first propagation technique is really exploiting poor patch management. A patch for this vulnerability has been available since late last year, but still some administrators (or the safety representatives) have not properly rolled this out to all machines on their network.
Remember is enough to have this worm spread through the entire network. Patch management is a critical component of any IT department’s job today, and it is vitally important that it is applied in a timely fashion across ALL of the company’s machines, including laptops and other mobile devices. Companies also need to have very clear policies on patch levels of external parties who access their network (e.g. partner companies, contractors, etc). Like so many aspects of security, it only takes one hole to bring down an entire network.
Sumant wins UNITAR Open 2017 - *24 Dec 2017, Kuala Lumpur* - *FM Sumant Subramaniam* won today's UNITAR Chess Open Championship 2017 with 6.5 point from seven rounds of rapid play. Kamal...
4 weeks ago