Conficker Worm Now Running Harmlessly Amok
Conficker Worm Now Running Harmlessly Amok
Posted 01/26/2011 at 10:08am
| by Paul Lilly
2
Comments
Print
The now infamous Conficker worm created quite the scare for security researchers, and in some ways, it still does. In a new report (PDF), the Conficker Working Group -- a coalition of cybersecurity experts and industry heavyweights including Microsoft, ICANN, domain registry operators, AV vendors, and academic researchers -- reveals what they've learned from the worm, as well as some of the frustrations.
In short, the group has been successful in blocking the worm's author(s) from being able to use the worm for whatever dastardly deeds it might have been created for, but they've failed to kill Conficker entirely.
"The Conficker Working Group sees its biggest success as preventing the author of Conficker from gaining control of the botnet," CGW notes. "Nearly every person interviewed for this report said this aspect of the effort has been successful. The blocking of domains continues and the Working Group has indicated they will maintain their effort."
At the same time, CGW "sees its biggest failure as the inability to remediate infected computers and eliminate the threat of the botnet. While remediation efforts did take place, millions of the A/B variations of Conficker remain on infected computers."
Shockingly, the self-replicating worm remains on more than five million computers and "is among the largest botnet in the past five years," the report said. And while the author hasn't been caught, the group believes the person responsible lived in Eastern Europe.
More like this
2
Comments
Comments are closed on this article
TheQuietShadow
January 27, 2011 at 9:51am
Meanwhile the creator of this worm sits behind his computer laughing after reading this article, because he left some kind of back door that hasn't been detected because they are programmed to open at a specific date and time. This will be when he takes over the world of computers.
Engelsstaub
January 26, 2011 at 3:19pm
I'd guess it most likely is of either Swiss, German, or Austrian origin in light of its actual name. (You can guess what "ficker" means if you're not fluent in German.) Only the latter nation would qualify as Eastern Europe. ;)
If this person is intelligent enough to create a worm of this sort of magnitude, I'm certain there's another undoubtedly on the way. Sorry to be the harbinger of bad news.
Connect with MaximumPC
Featured Content
The gang discusses the GTX 690, Trinity, Ivy Bridge, Amazon, big-box stores, MMOs,...
This month's issue
Feature
Build a PC On Any Budget
Feature
Cloud Services Showdown
How-To
Encrypt Your External Drive
Build It
Upgrade an X58 Rig
Most Commented Articles
Latest Max PC Tweets
- maximumpc: Original RickRoll Video Returns to YouTube After 24-Hour Copyright Hiatus http://t.co/MaH9Sxyy1 day 6 hours ago
- maximumpc: Corsair has decided not to go forward with its $78 million IPO, citing weak equity market conditions http://t.co/A5a4DAzj1 day 6 hours ago
- maximumpc: Want to work at Maximum PC? Our Online Managing Editor, Alex, is moving away, so we need a new one. http://t.co/9Z7JCh0E3 days 4 hours ago
