April 1, 2009, 4:05 pm

Kaspersky Lab: Kido activity may increase on 1 April

In response to many inquiries from users, Kaspersky Lab's experts have prepared answers to frequently asked questions about the possible activation of the Kido malware, also known as Conficker and Downadup.
The Kido malware currently represents a serious threat to the entire Internet community. Millions of computers infected by Kido could potentially become the most powerful resource available to cybercriminals online. This malware was first detected in November 2008. Its activation is expected on April 1: the Kido botnet will start contacting 50,000 domains per day (previously it connected to only 250 domains) to reach its control center and download new versions of other malicious programs to the infected computer. The attackers' next steps cannot be predicted at the moment.
Thus, the giant zombie network (botnet) built by Kido's authors could potentially allow the attackers to launch powerful DDoS attacks against any Internet resource, steal confidential data from infected computers and distribute unwanted content (in particular, carry out large-scale spam mailings).
Until recently, Kido spread over computer networks and via removable media. In particular, it penetrated computers by exploiting the critical vulnerability MS08-067 in the Windows family of operating systems, the patch for which Microsoft released back in the autumn of last year. Experts believe that on a large share of machines the patch had not been installed at the time of Kido's peak spread in January. This factor, together with the neglect of effective anti-virus protection, led to the epidemic: the various versions of Kido have currently infected at least 5 to 6 million computers with Internet access. The most recent versions of Kido have no apparent self-propagation capability. The program only tries to entrench itself on already-infected computers.
Kido implements the most advanced techniques of virus writers, such as downloading updates from constantly changing site addresses, using peer-to-peer connections between computers as an additional update channel, using strong encryption to protect against interception of control, improved capabilities for disabling security services and obstructing updates of protection software, etc.
The latest version of Kido obtains updates by downloading code from 500 domains, chosen from a pool of 50 thousand candidate domains that changes daily. The random selection, together with the large size of the pool, makes it very difficult to control the Internet namespace used by the malware. Therefore, every possible effort should be made to restrict the malware's updates at the level of local area networks.
When infected computers are present on a network, the volume of network traffic increases, since these computers launch network attacks. Anti-virus applications with an active network firewall report the attack Intrusion.Win.NETAPI.buffer-overflow.exploit.
If you suspect that your computer is infected, try opening a browser and going to any page of your favorite search engine. If the page opens, then try to load www.kaspersky.com or www.microsoft.com. If that fails, access to these sites is most likely being blocked by the malware. The full list of resources blocked by Kido can be seen, for example, here.
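The manual check described above can be scripted for use across several machines. This is an added example, not a Kaspersky Lab tool; the control site (example.com), the function names and the result strings are assumptions made for illustration.

```python
import urllib.error
import urllib.request

# Sites the article names as ones whose access Kido blocks.
SECURITY_SITES = ["http://www.kaspersky.com/", "http://www.microsoft.com/"]
# Assumed control site standing in for "your favorite search engine".
CONTROL_SITES = ["http://www.example.com/"]


def http_reachable(url, timeout=5):
    """Return True if the site answers at all (any HTTP status counts)."""
    try:
        urllib.request.urlopen(url, timeout=timeout).close()
        return True
    except urllib.error.HTTPError:
        return True   # the server answered with an error page: reachable
    except (urllib.error.URLError, OSError, ValueError):
        return False  # name lookup failed, connection refused, or timeout


def triage(reachable=http_reachable, control=CONTROL_SITES,
           security=SECURITY_SITES):
    """Classify this host following the article's browser check."""
    # Without general web access the test says nothing about blocking.
    if not any(reachable(u) for u in control):
        return "inconclusive: no general web access"
    blocked = [u for u in security if not reachable(u)]
    if len(blocked) == len(security):
        return "suspect: security sites blocked while other sites load"
    if blocked:
        return "partial: re-check " + ", ".join(blocked)
    # Absence of blocking is not proof that the host is clean.
    return "no blocking observed"


if __name__ == "__main__":
    print(triage())
```

A "suspect" result is a reason to scan the machine, not a confirmed infection: a proxy or filtering policy can produce the same pattern.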
Removal of the network malware is performed using the special utility KKiller.exe, which can be downloaded from here.


