Trend Micro virus hunter Ivan Macalintal appears to be the first researcher to identify specific, updated instructions being passed along, node-to-node, among PCs infected with Conficker Variant C.
On April 8, Macalintal isolated an infected PC in Korea that was passing the update across Conficker’s customized P2P network. The PC in Korea received the update from another node on Conficker’s P2P net. Macalintal told LastWatchdog that he also has identified …More
The Microsoft-supplied diagram (shown below)Ã‚Â depicting how Conficker spreads is accurate, but dated, and therefore somewhat misleading.
The lastest version of Conficker, Variant C,Ã‚Â is not looking for unpatched Windows PCs to infect, according to SRI International and IBM ISS.
The bad guys appear to have infected more PCs than they can productively manage, perhaps well over 10 million, according to OpenDNS founder David Ulevitch.
ConfickerÃ‚Â C first appeared on March 5. It’ s …More
An IBM Internet Security Systems researcher, named Mark Yason, has cracked open Conficker’s secret communications protocol — the means by which infected PCs are using Conficker’s customized peer-to-peer, orÃ‚Â P2P,Ã‚Â network to stay in touch with each other.
This is a major breakthrough. Yason worked straight through a couple of sleepless nights to reverse engineer the coding designed to cloak the ongoing “random chatter” between PCs in Conficker’s custom-built P2P …More
Many security experts are downplaying the significance ofÃ‚Â millions of Conficker-infected PCs initiating an elaborate calling home sequence on April 1.
Still, concerns are growingÃ‚Â about the much firmer grip the bad guys are on the cusp of securing on the corrupted PCs, whether or not they choose to do anything with them on April Fools Day.
Consumer tips for combatting Conficker
March 25, 2009
Quicky Conficker infection test
ToÃ‚Â quickly find out if your PC might be one of the millions infected by Conficker, try clicking to Microsoft.com. Next try Symantec.com. Now try McAfee.com. If you can get to these sites, you are not infected.Ã‚Â But if your browser will not let you access any of these websites, as shown below, then you very likely are infected with Conficker.
You can also conduct a visual version of this text by using this eye-chart …More
Countdown to Conficker’s April Fools Day Climax
March 25, 2009
Two schools of thought exist about what the Conficker worm will do come the wee hours of April 1, 2009, GMT.
Some experts, like WinPatrol creator Bill Pytlovany, are sensing that the worm’s controllers will run circles around the Microsoft-led “cabal” of security groups trying to block some 3 million to 12 million Conficker-infected PCs from phoning home on April Fools Day.
The evolution of an extraordinary globe-spanning worm
March 25, 2009
2008 – 2009
CLICK HERE to see F-Secure’s comprehensive Conficker FAQ.
Aug. 20: The Gimmiv Trojan, which exploited the vulnerability Conficker capitalises on, is first spotted running in a virtual machine on a server in South Korea. Experts speculate this was a a test run prior to it being released in the wild. (Source: BBC)
Sept. Chinese malware brokers are spottedÃ‚Â sellingÃ‚Â a $37 tool kit that allows anyone to exploit this newly-discovered security hole in a component of …Morekeep looking »