tag
downadup

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

Win32/Conficker.AQ: What’s in a Name?

Larry Seltzer, one of the better commentators on malware issues, has picked up on the disparity between ESET’s naming of the latest variant and Symantec’s – they call it W32.Downadup.E. Richard Adhikari (who also seems to pretty clueful) also picked up on the naming issue when we exchanged emails a few days ago. This issue

Conficker: rising and shining…

So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost  certainly be down to my faulty interpretation!) The new variant has two main components. The server component is an .EXE that infects vulnerable PC’s in

Confounded by Conficker: not so Dozy

If you just got here looking for my blog on Conficker and "blended hoaxes", I’m afraid I just pulled it (temporarily at least) in the light of new data that’s come in since last night: I don’t want to mislead anyone, as it seems that the new Conficker stuff is a lot more active and

Russian DDoS Revisited

Talking of the C-worm ("Will no-one rid me of this troublesome malware?") I mentioned in a blog from a couple of days ago that Jose Nazario supplied some useful information on an issue I was checking into. The issue concerned reports from a Russian news site of Distributed Denial of Service attacks on Russian sites:

Not every Botnet is Conficker

If it was the intention of the Conficker gang to create a huge splash, they succeeded. (In fact, it’s quite possible that they’ve attracted more attention than they really wanted.) In any case, it seems that lots of people are looking nervously over their shoulders for any indication that something unpleasant and Conficker-related is about

Conficker: the rest is probably not silence

So, nothing happened? Well, yes. Our labs, who’ve been monitoring carefully, note that Conficker changed communication protocols, just as the code said it would. No doubt in the fullness of time, the botnet will start doing what botnets do: it would be bizarre to put this much effort into a project and then not try

April (1st) in Paris (London, Tokyo…)

…as I write, it’s past midnight here in the UK. In some parts of the world it’s already been April 1st for nearly 14 hours. I have yet to hear any reports of melted PCs, disappearing internets, or institutions DDoS-ed into insolvency by Conficker. I’ve just received email from a colleague in Sydney, where it’s business as

Catching Conficker – a New Development

I can already hear a chorus of "Not ANOTHER Conficker blog?", but some of you will want to know about this development. The Honeynet Project has announced a new scanning tool for detecting Conficker, which gives network and system administrators a very handy extra tool for detecting Conficker activity on their networks. Furthermore, the tool

Conficker, Y2K, and Apocalypse Now

Around the end of the last decade, when I was working for a research organization in the UK, I used to write a monthly column on security for an in-house newspaper, and was rapped over the knuckles for telling this little story. I’ve probably changed the detail since then: I don’t keep everything I’ve written

Conficker Removal (Update)

[Update: it seems that people who missed the whole MS-DOS/having fun with the C> prompt and batchfiles thing are still struggling with the fact that vendors are releasing cleaning tools that are really command-line tools, so some step-by-step notes are added below.] I’m sure you’re almost as bored with this issue as I am with the

Conficker Resurgent

It appears there are interesting developments in the Conficker/Downadup development front. Peter Coogan of Symantec describes here a variant that doesn’t appear to be interested in infecting new machines, rather more so in updating and protecting itself on systems already infected with previous variants. (And, yes, ESET’s ThreatSense technology does already detect it heuristically!) It seems to have

All’s Fair in Love and Marketing?

I don’t regard myself as being particularly naive: I know as well as you do that having an excellent product is not enough on its own. You usually have to market it properly as well: otherwise, it sinks because no-one is buying it, so no-one is making a living. I know, too, that this industry is not

Conficker Statistics

I just did some work on a report that quotes some of the various statistics – or do I mean guesstimates? – regarding how many machines were likely to have been infected by Conficker. That report has already gone out, but it’s been pointed out to me that the wording makes it sound like we’re

Confounding Conficker

[Update: Spiegl Online reports (in German!) that the total may be as high as 50 million infected machines: however, this figure seems to be extrapolated from the number of infections picked up Panda’s online scanner. Statistically, I’m not sure it makes any sense at all to try to correlate this self-selecting sample to the total population of

Confused about Conficker?

CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.