You are in: Articles / Security / Reports / Conficker Worm To Strike April 1
 
 
 

Conficker Worm To Strike April 1

(Stefanie Hoffman, ChannelWeb) The Conficker worm that has left a trail of destruction in its wake for the last six months is set for a new evolution April 1 that will enable it to stealthily launch a variety of malware attacks unbeknownst to the security community.

Security experts say that the new Conficker variant, which has infected at least 12 million users around the globe since its creation in October, will contain a new update mechanism that will allow it to communicate with its command and control centers to upload new marching orders and launch attacks at will.

Part of the new update will include a refreshed ability to dodge scrutiny from the security community, which has thus far been able to intercept communication between the worm and its domains. After April 1, however, the new Conficker variant will contain code that will prevent the security community from blocking updates.

"The Internet as we know it will still exist," said Paul Henry, security and forensic analyst for Lumension Security. "But what (the security community has) been doing will no longer work after April 1. There's great concern in the security community because they're no longer able to block the command and control communication of this botnet."

Like other renowned worms, Conficker relies on numerous attack vectors to self-replicate and spread, using such techniques as brute force password guessing to propagate throughout a network.

The latest and most sophisticated variant - Version C - of the Conficker worm, was renowned for infecting copious networks via peer-to-peer networks and USB drives. It also added numerous defensive measures designed to evade detection and removal by disabling Windows Automatic Updates and Windows Security Center. In addition, version C had the ability to block access to several security vendors' Web sites while rendering numerous antivirus products useless.

 
 
|
|
Rating: 12345
 
Leave a comment



Note: all fields marked with (*) are required
Comments (0)
 
Close send to email window
 



Verification code

Already a member?
Blacklist monitoring alerts
sign up Signup for our real-time monitoring service and receive email notifications each time one of your IPs gets blacklisted.
Free Signup
Mail Server Operating System Poll
.01

What OS do you use for your email server?
Linux
Windows
Other
disabled next
.02

How many mailboxes do you currently manage?
1-50
51-300
300+
previous next
.03

Would you like to comment upon the choosing of this particular OS?

previous
 
DNS Tools
Get IP status, owner and location, obtain its corresponding hostname or check specific ports.
Ping Statistics
Reverse DNS Lookup
Whois Info (IP owner)
GeoIP Information
Check Port
Open Relay Test
Test if your mail server is an open relay for spammers.
Blacklist Checker
Check if your IP is listed in DNS based email blacklists (DNSBL)