Picture sent by a reader

Summary: Conficker hits Manchester's law enforcement and paralyses it for days; Microsoft's shoddy programming also leads to attacks on the CIA and PayPal, via the Pushdo botnet

"THE Windows worm Conficker keeps going," alerted us a reader. "The assistant police chief might as well investigate how Windows got onto his network. This is a lot of taxpayer money getting wasted cleaning up after Bill."

The latest major incident took place right here in Manchester and we mentioned it earlier. This is now spreading to the other UK news sites [1, 2], but the problem is not unique to the UK. With all those zombie PCs that are created so rapidly, crackers are able to carry out attacks.

It was reported in many Web sites last night that the CIA and PayPal had been hit by a Windows botnet. Coverage includes:

1. CIA, PayPal under bizarre SSL assault

The "massive" flood of requests is made over the websites' SSL, or secure-sockets layer, port, causing them to consume more resources than normal connections, according to researchers at Shadowserver Foundation, a volunteer security collective. The torrent started about a week ago and appears to be caused by recent changes made to a botnet known as Pushdo.

2. Botnet sends fake SSL pings to CIA, PayPal, others

Pushdo downloads different Trojans onto infected machines and has been used to send spam as part of the Cutwail spambot, according to Stewart. It is comprised of about 300,000 infected PCs and the operators, believed to be located in Eastern Europe, are leasing out its usage to criminals, he said.

3. Botnet Targets Major Web Sites With Junk SSL Connection

Manchester is working to remove Conficker, but maybe it should just remove Windows. It's causing trouble to a lot of companies and agencies, even outside the infected area. ⬆