A new digital plague has hit the Internet, infecting millions of personal and business computers in what seems to be the first step of a multistage attack.
Experts say it is the worst infection since the Slammer worm exploded through the Internet in January 2003, and it may have infected as many as nine million personal computers around the world.
The world’s leading computer security experts do not yet know who programmed the infection, or what the next stage will be.
In recent weeks a worm, a malicious software program, has swept through corporate, educational and public computer networks around the world.
Known as Conficker or Downadup, it is spread by a recently discovered Microsoft Windows vulnerability, by guessing network passwords and by hand-carried consumer gadgets like USB keys.
“This is a really well-written worm.” He said security companies were still racing to try to unlock all of its secrets.
Unraveling the program has been particularly challenging because it comes with encryption mechanisms that hide its internal workings from those seeking to disable it.
Most security firms have updated their programs to detect and eradicate the software, and a variety of companies offer specialized software programs for detecting and removing it.
The program uses an elaborate shell-game-style technique to permit someone to command it remotely.
One intriguing clue left by the malware authors is that the first version of the program checked to see if the computer had a Ukrainian keyboard layout. If it found it had such a keyboard, it would not infect the machine
http://www.nytimes.com/2009/01/23/technology/internet/23worm.html?_r=1&hp