Conficker Worm Prepares For A New Release On April 1
March 27, 2009 by John Messina
(PhysOrg.com) -- The Conficker worm created havoc last year when it infected over 10 million computers on a global scale. The worm's unique design allowed this large-scale attack on over 8 million business computers and scores of individual computers in 2008.
The Conficker worm evolves periodically by downloading updates that create thousands of false domains daily to throw off security investigators. On the day it chooses to update, it selects 500 correct domains out of the 50,000 candidates to download malware and updates from.
• In the first release, it tried to download and execute a file called loadav.exe. It turned out that the file was never uploaded, and the next generation did away with this. This led investigators to believe it was a malware program trying to promote itself as fake antivirus software.
• In the second release, the worm used Windows Services on unpatched machines to spread. This release could also spread over network shares by trying to log in autonomously to network machines with weak passwords. It also developed the ability to infect USB sticks connected to infected machines, giving it another means of transmission.
• In the third and final release, which became known as the Downadup virus, peer-to-peer communication between infected systems was added to its arsenal of weapons. The virus also added new domain-generation algorithms to help it disguise where it was receiving its updates from.
Microsoft is offering a bounty for the worm's writers, and security experts are no closer to having any clue as to the individual or individuals who are writing the Conficker code.
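The date-driven domain generation described above also works for defenders: once a generator is reverse-engineered, anyone can recompute the day's list. The following is an added example, not part of the article and not Conficker's actual algorithm; the generator, TLD list and log format are constructed stand-ins. It matches DNS logs against the day's candidates and computes how likely a bot querying 500 of 50,000 names is to reach a defender-registered one.

```python
import hashlib
from datetime import date
from math import comb

CANDIDATES_PER_DAY = 50_000  # figure quoted in the article
QUERIED_PER_DAY = 500        # figure quoted in the article
TLDS = ("com", "net", "org", "info", "biz")  # constructed list, not the worm's


def candidates_for(day: date, count: int = CANDIDATES_PER_DAY) -> set[str]:
    """Hypothetical stand-in for a reverse-engineered generator.

    NOT Conficker's algorithm. It only has the property defenders rely on:
    the list depends on the date alone, so anyone can recompute it.
    """
    names = set()
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        label = bytes(97 + b % 26 for b in digest[:10]).decode()
        names.add(f"{label}.{TLDS[i % len(TLDS)]}")
    return names


def clients_querying_candidates(dns_log: str, day: date) -> dict[str, set[str]]:
    """Map client IP -> candidate names it looked up.

    Assumed log format (constructed): one 'client_ip queried_name' per line.
    """
    wanted = candidates_for(day)
    hits: dict[str, set[str]] = {}
    for line in dns_log.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue  # skip malformed lines rather than crash the sensor
        client, qname = parts[0], parts[1].rstrip(".").lower()
        if qname in wanted:
            hits.setdefault(client, set()).add(qname)
    return hits


def sinkhole_hit_probability(registered: int, total: int = CANDIDATES_PER_DAY,
                             queried: int = QUERIED_PER_DAY) -> float:
    """Chance that a bot querying `queried` of `total` names reaches at least
    one of the `registered` names held by defenders (hypergeometric)."""
    return 1 - comb(total - registered, queried) / comb(total, queried)
```

With 100 of the 50,000 daily names registered by defenders, `sinkhole_hit_probability(100)` is about 0.63, so pre-registering even a small slice of the list exposes most infected hosts within a day or two.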
As Conficker continues to spread and get smarter, there is little doubt it's creating an army of infected machines, one that can cause serious damage. On April 1 we will see the attacks be taken to the next level. One can only guess what this next release has in store for the Global Internet Community.
© 2009 PhysOrg.com
Mar 27, 2009
Rank: 3.7 / 5 (3)
The ONLY way I could see that happening, is if the antivirus companies themselves are developing the virus (which, btw, they DO have people on staff that do nothing but develop viruses so the code can be used to expand the AV software's viral database)....I also wouldn't doubt that is the case with that being said.
We're still about a decade away, give or take a few years, from anything even approaching the capabilities of skynet...oh except for my domain controller bearing the same name...oh and about 50 of my buddies' domain controllers as well :)
Mar 27, 2009
Rank: 4 / 5 (4)
I for one have already asked Conficker into my heart and joyously await its arrival. The rest of you are screwed.
Mar 28, 2009
Rank: 4 / 5 (4)
hilarious
Mar 28, 2009
Rank: not rated yet
You also share your loyalties to the FSM, don't you?
Mar 28, 2009
Rank: not rated yet
"At April 1 we will announce our new great virus!" *applause* "It will be more mysterious and dangerous than previous versions!"
Mar 28, 2009
Rank: 1 / 5 (1)
Does this article have something to do with religion or is it that you can't help exercise your bigot fetish and troll like a moron on every thread you post on?
Mar 28, 2009
Rank: 5 / 5 (1)
Because you bought into all of that "Mac is virus proof" crap?
Mar 28, 2009
Rank: 5 / 5 (1)
If you were a sociopathic jerk and wanted to write malicious code and really screw with a lot of people's lives would you....
a) Write said code so it will only affect 1% of the population, or...
b) Write said code so it will affect 99% of the population?
Don't break something thinking TOO hard about it...
Mar 30, 2009
Rank: not rated yet
All your base are belong to us!
eeeent!
eeeent!
eeeent!
Mar 31, 2009
Rank: 5 / 5 (1)
SOMEBODY SET US UP THE BOMB!!!!!
Mar 31, 2009
Rank: not rated yet
Terrible. You got your bad translation WRONG.
It's
"Somebody set us up the bomb."
Your way makes too much sense. Please get it right in the future.
A more appropriate choice of mistranslations would be:
You have no chance to survive make your time.
Ethelred
Mar 31, 2009
Rank: not rated yet
Not surprising.
FYI: if you've run windows update since July 08 you're all set.
Apr 01, 2009
Rank: not rated yet
I think you may have missed the joke, V. Here: you're about 10 years late, but I'm sure it's still funny.
http://www.youtub...ugh-fFgg
Apr 01, 2009
Rank: not rated yet
I think you missed the joke. I'm familiar with the poorly translated Japanese game, and the resulting internet All Your Base fad.
Apr 01, 2009
Rank: not rated yet
WORM BAD!!!!
Apr 04, 2009
Rank: not rated yet
Just wait, you'll see.
Apr 18, 2009
Rank: not rated yet
x646...-there is DoD code written into every operating system developed in the US. If a government entity were responsible, trust me, we would NEVER know the worm was ever even there. This isn't any government thing...they are pricks, and they steal our rights daily, BUT, this is the government's doing. The last I heard, this was suspected to come from Eastern Europe.
smokabowl420-1. love the name, can I join :D 2. When the hell is that coming out I wanna see it :D
Apr 19, 2009
Rank: 4 / 5 (1)
Big Brother was watching, but he changed the channel because we're all boring, and he really doesn't care.
Apr 19, 2009
Rank: not rated yet
But let's forget I said anything about it in hindsight...I need to stop my drinking binge.... :|
I should have phrased it differently though, to reflect more of a backdoor, not specific code.
Apr 20, 2009
Rank: 5 / 5 (1)
And as for agents at the cell phone companies, welcome to the 40's. The FCC regulates all radiowaves, including cellular, 3g, EVDO, and all the other nifty portable comm techs. They're antipiracy, as well as oversight.
Just because the NSA can record your conversation, and listen to it, doesn't mean they care about your conversations. You're too boring for Big Brother to care about. Seeing as you're on a free-range, searchable forum, you should probably also know that they can track every purchase you make with credit cards, all your usernames and passwords, what you have in your grocery cart at the checkout line, etc, etc. And since you've raised a slight "anti-governmental" statement in the past, you'd expect that they're watching you right now as you eat your English muffin and contemplate heading down to the basement for a jerk before work, but, they don't care.
Apr 23, 2009
Rank: not rated yet
There is secret service of all things at cell phone companies...I know an agent assigned to one who is basically family to me....and he/she (won't say) has been there for a few years now.
Oh and no, not speaking to the chip...
And I do agree, I myself, along with every last one of us in here is too boring to review, but that doesn't change the fact they ARE violating our right to privacy unconstitutionally.
Apr 26, 2009
Rank: not rated yet
Who better than secret service and the various militaries?