Scan for badness with Microsoft's Windows Malicious Software Removal Tool

Microsoft's free security tools don't get the respect they deserve, but they're actually good performers. Take the Windows Malicious Software Removal Tool. This small, portable utility checks Windows XP, 2000, Server 2003, Vista, and 7 for infection by a range of known threats, including Blaster, MyDoom, and Sasser, and removes any threats it finds. Microsoft is quick to point out that the Windows Malicious Software Removal Tool is no substitute for antivirus software. It doesn't protect your system from infection; it merely finds and removes any known threats. It's available in separate downloads for 32-bit …

Microsoft declares a victory against autorun malware

Microsoft appears to be winning a major battle against autorun malware.

A blog post this week by Microsoft's Malware Protection Center said the company discovered 1.3 million fewer infections on Windows Vista and XP caused by autorun malware from mid-February to mid-May, compared with the three months prior.

A persistent security threat for the past several years, autorun malware typically spreads through flash drives, memory cards, and other external devices courtesy of Microsoft's autorun feature, which automatically executes a command when the device is plugged in.

Autorun has been a trigger for some of the "top …

Report: Conficker worm beaten but not gone

The Conficker worm may have been squashed, but this nasty piece of malware is still squirming around millions of computers around the world.

Those were the findings of the Conficker Working Group, a collection of antivirus vendors and several other parties that joined forces in 2009 and 2010 to try to stomp out the worm.

Releasing a "Lessons Learned" document (PDF) yesterday, the CWG claimed success in ultimately stopping Conficker from communicating with its creator, thus preventing it from updating into newer and more dangerous variants. The group seemed especially proud of the way the various organizations and …

Fortinet: Job outlook improving for cybercrooks

Cybercriminals are likely to find more jobs next year, one of five top trends forecast by security vendor Fortinet.

In an ironic twist in the job market, more positions will open up for developers who can write customized malware packers, people who can break CAPTCHA codes, and distributors who can spread malicious code, according to Fortinet.

And though cybercrooks have typically deployed their own botnets themselves, Fortinet believes this job will increasingly be farmed out to middlemen, citing the Alureon and Hiloti botnets as two examples of malware distributed this way. Money mules responsible for wiring funds and cashing checks …

Password stealers and Conficker top June malware

June proved to be another hot month for malware, with a surge in attacks by a password-stealing bot and the return of old nemesis Conficker, according to a report released Tuesday by security software maker Sunbelt.

Designed to ferret out cached passwords and log-in credentials for banking sites, "Trojan-Spy.Win32.Zbot.gen" was the second-most prevalent piece of malware detected by Sunbelt last month, up from the No. 5 spot in May. The top spot, grabbing more than a quarter of all detections, was held by "Trojan.Win32.Generic!BT," a generic form of malware …

Conficker fizzled a year ago, but headache remains

A year ago, a variant of the high-profile Conficker worm was all set to stir, programmed to begin receiving update instructions on April 1, with potential consequences being anybody's guess.

Those fears were unfounded as the worm's worst impact appeared to be that it installed malware that displays fake antivirus warnings.

The time bomb failed to blow up, and the buzz died down. But a year later several variants of the worm are still around and growing, albeit slowly--causing problems for unsuspecting Windows users.

Conficker caused major headaches for CNET TV associate producer Jason Howell a few weeks …

Kaspersky impressed by botnet slickness

Cybercrime fighter Eugene Kaspersky can't help but be impressed by the slick operations behind the Conficker botnet, and says that it could have been worse had the botnet been after more than just money.

"They are high-end engineers who write code in a good way," Kaspersky told Wednesday. "They use cryptographic systems in the right way, they don't make mistakes--they are really professional."

Kaspersky says he's "60 percent certain" that Conficker is being controlled from the Ukraine, but can't be certain. And while the threat posed by …

McAfee: New botnets dwarf Conficker threat

The Conficker worm, which has set off many a recent security alarm bell, may just be a small fry, compared to the growing number of botnets, viruses, and worms infecting cyberspace.

According to a report released on Tuesday from security vendor McAfee (PDF), cybercriminals have hijacked 12 million new computers since January with an array of new malware. This represents a 50 percent increase in the number of "zombie" computers over 2008.

The United States now hosts the world's largest percentage of infected computers, 18 percent, according to the McAfee report. China is next on McAfee's …

Feds' red tape left medical devices infected with computer virus

The Conficker Internet virus has infected important computerized medical devices, but governmental red tape interfered with their repair, an organizer of an antivirus working group told Congress on Friday.

Rodney Joffe, one of the founders of an unofficial organization known as the Conficker Working Group, said that government regulations prevented hospital staff from carrying out the repairs.

Joffe, who also is the senior vice president for the telecom clearinghouse Neustar, told a panel of the House Energy and Commerce Committee that over the last three weeks, he and another Conficker researcher identified at least 300 critical medical devices from a …

Conficker infected critical hospital equipment, expert says

Updated 7:50 a.m. PDT April 24 to specify that the infection was in the U.S.

SAN FRANCISCO--The Conficker worm infected several hundred machines and critical medical equipment in an undisclosed number of U.S. hospitals recently, a security expert said on Thursday in a panel at the RSA security conference.

"It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, Marcus Sachs told CNET News after the session. Sachs is the director of the SANS Internet Storm …