Worm Warning: New Would-be Botnet Growing Explosively

A new botnet. and a big one, could be in the early stages of existence, with more than 3.5 million PCs, by some estimates, already enrolled as a result of a fast-spreading worm. As many as a third of the world's Windows machines may be vulnerable.The fast spread of the Confickr/Downadump worm to as many as 3.5 million PCs could be the opening phases of a new botnet attack.

Security vendor F-Secure put the infected machine estimate bluntly, posting in a blog that there are:

"2,395,963 infections worldwide. This figure is conservative; the real number is certainly higher."

That same post goes into some detail about how the worm worksw; further details are here, at F-Secure's Downadump/Confickr page.

While it's early days yet to see what form a potential botnet formed from the infect machines take, we all know all too well how quickly early days can become "too late!"

And in some ways this one is already too late -- the worm takes advantage of unpatched machines from last October's critical Microsoft patch for most versions of Windows, Vista and Windows Server.

Probably there won't be a better example this year of just how poorly the world's PC users act on patching vulnerabilities, even critical ones, than this.

But don't bet on it. The year's still young.

And so, alas, is the wannabe botnet.