Microsoft warns about creative hackers
Attacks might have come from Ukraine?
Microsoft has warned about a wave of malicious attacks that exploit a vulnerability that was outlined in the firm’s security bulletin MS08-067.
The company said that there had been more than 50 reported exploits for the security flaw which it has seen and expect another “wave” of exploits to come.
Redmond warns that while initial attacks were mostly targeted at specific systems, there appear to be more general attacks in the wild now. The malware it has seen so far it has dubbed Worm:Win32/Conficker.A.
Worm:Win32/Conficker.A attacks corporates but has been seen by several hundred home users. It opens a random port between port 1024 and 10000 and acts like a web server.
When the remote computer is exploited, that computer downloads a copy of the worm via HTTP using the random port. The worm often uses a .JPG extension when copied over and then it is saved to the local system folder as a random named dll file.
Most reports about infections come from users in the United States, but we also received reports from other countries/regions such as Germany, Spain, France, Italy, Taiwan, Japan, Brazil, Turkey, China, Mexico, Canada, Argentina and Chile.
It seems that the Ukraine has been left alone by any of the exploits which suggests that it might have come from that country.