downadup

1000 days of Conficker

Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

Win32/Conficker.AQ: What’s in a Name?

Larry Seltzer, one of the better commentators on malware issues, has picked up on the disparity between ESET’s naming of the latest variant and Symantec’s – they call it W32.Downadup.E. Richard Adhikari (who also seems to pretty clueful) also picked up on the naming issue when we exchanged emails a few days ago. This issue

Conficker: rising and shining…

So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost  certainly be down to my faulty interpretation!) The new variant has two main components. The server component is an .EXE that infects vulnerable PC’s in

How Embarrassing

I wondered why a newsletter from “Windows Secrets” got flagged as spam. It is because they have reduced themselves to as much. Near the top of the newsletter it proclaimed: Remove the Conficker worm: register now Conficker is one of the worst viruses in history and has infected over 15 million PCs. We are offering

April (1st) in Paris (London, Tokyo…)

…as I write, it’s past midnight here in the UK. In some parts of the world it’s already been April 1st for nearly 14 hours. I have yet to hear any reports of melted PCs, disappearing internets, or institutions DDoS-ed into insolvency by Conficker. I’ve just received email from a colleague in Sydney, where it’s business as

Conficker Launches Cyber Attack Against Big Ben

In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against

Catching Conficker – a New Development

I can already hear a chorus of "Not ANOTHER Conficker blog?", but some of you will want to know about this development. The Honeynet Project has announced a new scanning tool for detecting Conficker, which gives network and system administrators a very handy extra tool for detecting Conficker activity on their networks. Furthermore, the tool

Conficker Removal (Update)

[Update: it seems that people who missed the whole MS-DOS/having fun with the C> prompt and batchfiles thing are still struggling with the fact that vendors are releasing cleaning tools that are really command-line tools, so some step-by-step notes are added below.] I’m sure you’re almost as bored with this issue as I am with the

Conficker Resurgent

It appears there are interesting developments in the Conficker/Downadup development front. Peter Coogan of Symantec describes here a variant that doesn’t appear to be interested in infecting new machines, rather more so in updating and protecting itself on systems already infected with previous variants. (And, yes, ESET’s ThreatSense technology does already detect it heuristically!) It seems to have

ESET Virus Radar

Archives

Copyright © 2013 ESET, All Rights Reserved.