1. Computing

Conficker is Back...and It Brought Company

By April 9, 2009

Follow me on:

Last week there was a great deal of hype and FUD (fear, uncertainty, and doubt) going around about the Conficker worm. The worm, which has been traversing the Internet for months exploiting a hole that Microsoft patched last October with Security Bulletin MS08-067, is estimated to have infected between 3 million and 15 million PC's. Security and antimalware vendors had reverse-engineered the worm and knew that it was set to do something new beginning April 1st- they just weren't sure what. Many predicted dire consequences and the crippling of the Internet, but nothing really happened. As they say in Texas- it was "all hat, no cattle".

However, just because April 1st came and went doesn't mean the threat is gone and we can just pretend Conficker never existed. April 1st was just the kickoff of the new Conficker behavior, but not necessarily the end of it. Now its a week later and security researchers are starting to report that they are seeing a new payload being delivered to PC's compromised with Conficker. The payload, apparently being delivered via the peer-to-peer (P2P) networking component of the worm, is still being researched but appears to at least have a keystroke logging component that can capture sensitive information such as usernames, passwords, credit card numbers, and more.

Check out the Conficker Eye Chart site created by the Conficker Working Group for a quick visual test to determine whether or not your PC might be compromised with some variant of the Conficker worm.

In related news there is also a Conficker copycat circulating in the wild. Neeris is making the rounds via instant messaging clients. If you haven't already (and *if* you haven't- why haven't you???), make sure you apply the MS08-067 patch.

Comments
Comments are closed for this post.
Leave a Comment

Line and paragraph breaks are automatic. Some HTML allowed: <a href="" title="">, <b>, <i>, <strike>

©2014 About.com. All rights reserved.