About 20 compromised computers have been identified at USU so far today (29Jan2008) and yesterday.
It looks like some hackers have web exploits that will compromise a completely patched and updated Windows computer. If you click on the wrong web page, you lose your computer.
Today, many USU people have been receiving Instant Messages that direct them to click on a web page. When you click on the link because the message looks like it is from a friend, your Windows computer is compromised. The worm then runs the messenger program to send the link to everyone in your contact list. Those recipients see a message that looks like it is from you, whom they trust, and they click on the link and they get infected, too. The worm appears to also install a "root kit" which gives the hacker full control of your machine for a variety of other purposes.
Having a fully patched, fully protected computer is no defense against this worm because your computer is doing what you told it to do (go to the web link). If you get such a message be sure to respond back to your IM friend to see if they are really there chatting with you.
Maybe in a few days there will be patches to address this problem, but for now, it is IMPORTANT that USU people refrain from clicking on untrusted web pages, even if they seem to be recommended by trusted sources. USU IT is exploring means of identifying additional compromised computers by examining network traffic patterns and ad hoc vulnerability test results.
