Science

Windows virus spreading quickly, but may be a dud

A computer virus that may leave Microsoft Windows users vulnerable to digital hijacking is spreading through companies in the U.S., Europe and Asia, already infecting close to nine million machines, according to a private online security firm.

A computer virus that may leave Microsoft Windows users vulnerable to digital hijacking is spreading through companies in the U.S., Europe and Asia, already infecting close to nine million machines, according to a private online security firm.

Fortunately, however, it may be a dud.

Computer bugs have become a common affliction, but Finland-based F-Secure says a virus it has been tracking for the past several weeks has surged more rapidly through corporate networks than anything it has seen in years.

But the virus doesn't appear to be working as its designers intended. F-Secure's chief security adviser, Patrik Runald, said the virus's coding suggests a type of bug that alerts computer users to bogus infections on their machines and offers to help by selling them antivirus software.

Instead, the virus is simply spreading to little effect, though it may still pose a threat to infected computers.

"The gang behind this worm haven't used it yet," F-Secure's chief research officer, Nikko Hypponen said by phone.

"But they could do anything they like with any of these machines at any time."

Microsoft issued a security update Tuesday to deal with the so-called "Downadup" or "Conficker" virus, which appears to be a new version of a bug that popped up in October.

"Over the last couple of weeks, a new variant of this worm has been affecting customers," the company acknowledged in a blog post. Microsoft said the virus is spreading by gaining access to one computer and then guessing at passwords of other users in the same network: "If the password is weak, it may succeed."

A company representative couldn't immediately be reached Saturday to comment on F-Secure's estimate of infected machines.

Most computers with Windows will automatically download Microsoft's security update, but Hypponen said the virus disables updates on infected machines.

While the origin of the virus is a mystery, F-Secure's best guess is it came from Ukraine. Hypponen said it is coded to avoid computers there, which may indicate whoever wrote the virus was trying to avoid drawing attention from local authorities.