
conficker

Security researchers continue hunt for Conficker authors

by Shanmuga

"There are several ongoing investigations attempting to find the authors of the Conficker botnet, one of the fastest spreading worms in history, but those responsible for the worm have proven elusive. Security expert Mikko Hyppönen, chief research officer at F-Secure Corp., said he is aware of several ongoing investigations, but was asked specifically not to

Read the full article →

Conficker hype may have harmed security efforts

by Shanmuga

"Media hype leading up to the Conficker worm’s April 1 update may have distracted computer users from other dangerous security threats, the FBI’s cybersecurity chief said here Thursday.

Read the full article →

Celebrity Viruses Improve Security

by Shanmuga

"Every so often, a computer virus becomes more than just a novelty for anti-virus researchers and moves into the consciousness of the mass media, even if it’s not a grave threat. The recent Conficker outbreak is a fantastic example of this.

Read the full article →

Spyware Protect 2009 Analysis and Removal

by Shanmuga

Though Spyware Protect 2009, a piece of rogue security software, made its appearance early this year, it has recently been in the news because the notorious Conficker botnet gang chose to push it to the infected systems. Spyware Protect 2009 is typical scareware with slight variations. Incessant, hard-to-get-away-from popups warn about hundreds of imaginary

Read the full article →

Eyeballing Conficker with eye-charts and maps

by Shanmuga

"…Now that the crazy hype has died down (hopefully!), it’s important for end users to get reliable information on eyeballing the presence of Conficker on a machine and, if it’s found, disinfection instructions from a Web site that isn’t blocked by the malware.

Read the full article →

Did security companies hype Conficker?

by Shanmuga

"Conficker worm did nothing, or not very much, why did it turn into such a story? Was it hype? Is it still hype? Why was Conficker Different and was it really different? It’s fair to point out that elements of Conficker’s design inadvertently attracted attention, namely the fact that it activated at a set date

Read the full article →

Conficker and April 1st: Q and A

by Shanmuga

"Q: I heard something really bad is going to happen on the Internet on April 1st! Will it? A: No, not really. Q: Seriously, the Conficker worm is going to do something bad on April 1st, right? A: The Conficker aka Downadup worm is going to change its operation a bit, but that’s unlikely

Read the full article →

Malware Is Getting Formidable, but So Are Your Defenses

by Shanmuga

"…You can think of Conficker as being the state of the art in conventional malware. It not only uses an important vulnerability, but it’s a sophisticated blended attack, using a wide variety of mechanisms to spread: pseudo-random domains, dictionary attacks on weakly-protected network shares, USB drives and more. You can admire the work that went

Read the full article →

Conficker Removal Instructions and Tools

by Shanmuga

This week the SANS Internet Storm Center updated its page on mitigating Conficker. It provides links to Conficker removal instructions from Microsoft, Kaspersky, BitDefender, TrendMicro and Sophos, and to Conficker removal tools from Microsoft MSRT, F-Secure, AhnLab, Symantec, McAfee, ESET, BitDefender, Kaspersky and Sophos.

Read the full article →

Analysis of Conficker C

by Shanmuga

"Variant C represents the third major revision of the Conficker malware family, which first appeared on the Internet on 20 November 2008. C distinguishes itself as a significant revision to Conficker B. In fact, we estimate that C leaves as little as 15% of the original B code base untouched… Whereas the recently reported B++

Read the full article →

Latest Conficker worm gets nastier

by Shanmuga

"The authors of the latest variant of the Conficker worm are upping the ante against security vendors who are working to stop the spread and threat of the persistent program. Conficker.C shuts down security services, blocks computers from connecting to security Web sites, and downloads a Trojan.

Read the full article →