The Last Watchdog

on Internet security by Byron Acohido

IBM ISS cracks open Conficker’s secret communications code
March 31, 2009

9 Comments

An IBM Internet Security Systems researcher, named Mark Yason, has cracked open Conficker’s secret communications protocol — the means by which infected PCs are using Conficker’s customized peer-to-peer, or P2P, network to stay in touch with each other.

This is a major breakthrough. Yason worked straight through a couple of sleepless nights to reverse engineer the coding designed to cloak the ongoing “random chatter” between PCs in Conficker’s custom-built P2P …More


Debate over significance of Conficker phoning home on April Fools Day
March 28, 2009

6 Comments

Many security experts are downplaying the significance of millions of Conficker-infected PCs initiating an elaborate calling home sequence on April 1.

Still, concerns are growing about the much firmer grip the bad guys are on the cusp of securing on the corrupted PCs, whether or not they choose to do anything with them on April Fools Day.

SecureWorks senior researcher Joe Stewart, who gave up playing bass guitar in a rock band …More


Consumer tips for combatting Conficker
March 25, 2009

5 Comments

Quicky Conficker infection test

To quickly find out if your PC might be one of the millions infected by Conficker, try clicking to Microsoft.com. Next try Symantec.com. Now try McAfee.com. If you can get to these sites, you are not infected. But if your browser will not let you access any of these websites, as shown below, then you very likely are infected with Conficker.

You can also conduct a visual version of this test by using this eye-chart …More


Countdown to Conficker’s April Fools Day Climax
March 25, 2009

3 Comments

Two schools of thought exist about what the Conficker worm will do come the wee hours of April 1, 2009, GMT.

Some experts, like WinPatrol creator Bill Pytlovany, are sensing that the worm’s controllers will run circles around the Microsoft-led “cabal” of security groups trying to block some 3 million to 12 million Conficker-infected PCs from phoning home on April Fools Day.

CLICK HERE for consumer tips on combatting …More


The evolution of an extraordinary globe-spanning worm
March 25, 2009

8 Comments

Conficker timeline
2008 – 2009

CLICK HERE to see F-Secure’s comprehensive Conficker FAQ.

2008

Aug. 20: The Gimmiv Trojan, which exploited the vulnerability Conficker capitalises on, is first spotted running in a virtual machine on a server in South Korea. Experts speculate this was a test run prior to it being released in the wild. (Source: BBC)

Sept.: Chinese malware brokers are spotted selling a $37 tool kit that allows anyone to exploit this newly-discovered security hole in a component of …More


‘Cyberinvaders’ crack into Sen. Bill Nelson’s staff PCs — twice
March 20, 2009

1 Comment

Cyberinvaders, as a peeved Sen. Bill Nelson, D-Fla., called them today, continue cracking into U.S. government systems with impunity.

Nelson, who serves on the Senate Intelligence, Armed Services and Finance committees, has just issued a statement disclosing that criminal hackers twice this month cracked into two PC workstations used by three of his key staffers. No classified information was kept on the breached PCs, which were used by Nelson’s foreign-policy aide, …More


Hackers hit Google with SEO poisoning
March 18, 2009


This blog post was initially posted here.

Cybercriminals have begun poisoning Google search results to misdirect sports fans looking to participate in March Madness festivities, security firms say. Websense has found poisoned “search engine optimization” results mixed in with legit results for Google searches on “March Madness schedule,” “March Madness brackets,” and “2009 NCAA bracket predictions.”

This story explains how poisoned SEO results can re-direct your browser to a website serving up all sorts of malicious programs. SEO attacks have become very …More
