A Tip A Day [:: ATAD ::]

a fortune, two cents a day

ATAD #24 – Conflicker is out there and rampant

with one comment

Malicious code that was recently classified as a worm, surfaced in October 2008 and exploits  MS08-067 vulnerability in the Microsoft Windows family Operating System (surprise surprise !!). The worm is known by various names Downup, Downadup,  Kido, and the most popular being Conficker.

Conflicker has gone through various stages of development that make it harder to understand; credits to the use of P2P mechanism encrypting the traffic using the latest and greatest MIT MD6 algorithm. A noteworthy mention about the client on an infected machine is that, it uses an intelligent algorithm that creates a daily list of 250 random domain names to communicate with its mother ship that advertises different domain names each day. Guess what, it gets even better, the newer variant Conflicker. C just upped that number from 250 to 50,000.

What makes this one extra special is that no one seems to still know what its gonna do on “D day”. Experts guess that April 1 could probably be that D day, but we never know…

Let the guessing games continue; in the meantime, if you don’t have the habit of installing Microsoft Windows security fixes or keep you Windows auto update OFF, it’d be a good idea to get to the Symantec website and attempt a removal of a possible infection.

Cheers, and have a SAFE April 1.


[ also on vinaydeep.com via TechRepublic ]


Written by veed

March 31, 2009 at 7:18 pm

Posted in ATAD, news, security, tech, windows

Tagged with , , , ,

One Response

Subscribe to comments with RSS.

  1. Nice Post. I frankly don’t like to update microsoft security. It just makes my system more cranky

    James Smith

    November 5, 2009 at 4:17 am

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: