A prolific new worm has managed to infect over 3.5 million computers that run on the Windows operating system, as the security firm F-secure has revealed.

The Conficker (also known as the Downadup) worm uses an intricate algorithm in order to draw up a list that changes on a daily basis of domains that the infected systems attempt to make contact with. Consequently, hackers only have to register one of these domains so as to establish contact with the botnet that Conficker has set up, which results in security watchers’ efforts to take down the command to turn out to be to no avail.

Nevertheless, the cunning tactic has also enabled F-secure to register a domain that infected machines were likely to contact and keep an eye on what goes on. The findings of their experiment show that over 3.5 million Windows PCs are currently in the hands of hackers that have not been identified.

The Conficker worm kicked off its attacks in late November and exploited the MS 08-067 vulnerability that Microsoft had patched back in October, while it can presently infect removable devices and network shares using a special autorun.inf file.

Security watchers at the Internet Storm Centre, after having analyzed the worm’s code, informed that Conficker used social engineering ruses entailing that a user could easily be tricked into thinking they were only opening a folder when they were actually clicking to run the worm’s code every time they inserted an infected drive into a Windows system.

In order to prevent the aforementioned from occurring, experts have recommended that users disable Autorun or forbid the use of USB devices.