7 Million Chinese IPs Infected with Conficker Worm: Report

Dennis Faas's picture

In a recent annual security report posted on the web site of China's National Computer Network Emergency Response Technical Team (CNCERT), it was reported that almost 7 million Internet Protocol (IP) addresses were infected with the "Conficker B" worm at the end of 2009. While the number of infections fluctuated on a week-to-week basis, all but one week had at least 5 million IP infections in the country.

Statistically, China represents 28 per cent of the total number of compromised computers infected with the Conficker B worm, the largest percentage world-wide. (Source: pcworld.com)

Conficker: One of the Largest Botnets Worldwide

Technically, Conficker is a botnet: an army of 'zombie' computers lying dormant but still under the control of a few central computers, awaiting orders for an attack. Statistically, Conficker represents one of the largest botnets in the world, with millions of PCs worldwide still infected by the worm.

That said, many have questioned whether or not the Conficker worm is actually something to be feared. That's the underground hackers who control Conficker have barely tapped into their vast network of prone computers to issue an attack.

17 Million Chinese Don't Use Antivirus

The news of Conficker making its rounds in the Far East should come as little surprise. According to one recent report, nearly 17 million Internet users in China surf the web with no antivirus support at all. In addition to lacking antivirus software, piracy continues to be a huge concern in China.

In addition to Conficker B, China also had between 125,000 to over 300,000 IPs infected with Conficker C during the second half of 2009.

Measuring Infected IPs Difficult

While the ballooned figures are leaving many people feeling a bit uneasy, the numbers may also appear skew.

Shadowserver Foundation, a volunteer organization, suggests that less than 2 million PC infections in China are actually related to the Conficker worm. This is much different than the 7 million figure listed above.

The numbers are vastly different as it is difficult to measure infected IP addresses online. For example: a computer can connect and disconnect from the Internet multiple times in a day; each time it is connected, a new IP address is assigned. This could easily balloon the figures, making the problem appears much worse than it actually is. (Source: cio.com)

Rate this article: 
No votes yet