The odd, 8‑year legacy of the Conficker worm
The Conficker worm was huge news when it emerged towards the end of 2008, exploiting millions of Windows devices. Today, it remains one of the most pervasive malware families around the globe.
Search results for: "conficker"
White Papers
Conficker by the numbers
This is a translation for ESET LLC of a document previously available in Spanish.
Autorun and Conficker not dead yet: Threat Trends Report
The two most prevalent threats over 2011 were still INF/Autorun and Conficker: ESET's December ThreatSense Report looks at threat trends in the new year.
1000 days of Conficker
Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.
The Conficker Group Prevents Damage from Massive Attack
Audio: /us/resources/podcasts/012611_ESET_Conficker.mp3
Fake Conficker Alerts
Urban Schrott, IT Security & Cybercrime Analyst at ESET Ireland, reports seeing more e-mail pretending to be from Microsoft is circulating, "warning" computer users that "Conflicker" is again spreading rapidly. ESET's ThreatSense engine identifies the malware as Win32/Kryptik.CLU trojan, and running it would result in further malware infections. Here's an example Urban quotes of one
Conficker Worm Now Infects Over 7 Million PCs
Audio: /us/resources/podcasts/121609_ESET_Conficker.mp3
Potentially Abandoned Conficker Grows
According to an article at Internetnews.com http://www.internetnews.com/security/article.php/3832846 the authors of the Conficker botnet may have abandoned it, yet it continues to grow in numbers. The growth of the botnet is troubling because it is completely preventable and because it means the infected computers are vulnerable to other threats and that these users are not using
Win32/Conficker.AQ: What’s in a Name?
Larry Seltzer, one of the better commentators on malware issues, has picked up on the disparity between ESET’s naming of the latest variant and Symantec’s – they call it W32.Downadup.E. Richard Adhikari (who also seems to pretty clueful) also picked up on the naming issue when we exchanged emails a few days ago. This issue
Conficker: rising and shining…
So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost certainly be down to my faulty interpretation!) The new variant has two main components. The server component is an .EXE that infects vulnerable PC’s in
Confounded by Conficker: not so Dozy
If you just got here looking for my blog on Conficker and “blended hoaxes”, I’m afraid I just pulled it (temporarily at least) in the light of new data that’s come in since last night: I don’t want to mislead anyone, as it seems that the new Conficker stuff is a lot more active and
Not every Botnet is Conficker
If it was the intention of the Conficker gang to create a huge splash, they succeeded. (In fact, it’s quite possible that they’ve attracted more attention than they really wanted.) In any case, it seems that lots of people are looking nervously over their shoulders for any indication that something unpleasant and Conficker-related is about
Conficker: After the Flood, the Backlash
Good morning. Is there anyone still out there and connected? Thought so. While one or two people who comment here seem to think I’m personally responsible for developing, maintaining, and marketing ESET products (and in at least one case writing the malware as well) I’m afraid I didn’t spend April 1st crouched over a rack
Conficker: the rest is probably not silence
So, nothing happened? Well, yes. Our labs, who’ve been monitoring carefully, note that Conficker changed communication protocols, just as the code said it would. No doubt in the fullness of time, the botnet will start doing what botnets do: it would be bizarre to put this much effort into a project and then not try
Conficker Launches Cyber Attack Against Big Ben
In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against
Catching Conficker – a New Development
I can already hear a chorus of “Not ANOTHER Conficker blog?”, but some of you will want to know about this development. The Honeynet Project has announced a new scanning tool for detecting Conficker, which gives network and system administrators a very handy extra tool for detecting Conficker activity on their networks. Furthermore, the tool
Conficker, Y2K, and Apocalypse Now
Around the end of the last decade, when I was working for a research organization in the UK, I used to write a monthly column on security for an in-house newspaper, and was rapped over the knuckles for telling this little story. I’ve probably changed the detail since then: I don’t keep everything I’ve written
Conficker Removal (Update)
[Update: it seems that people who missed the whole MS-DOS/having fun with the C> prompt and batchfiles thing are still struggling with the fact that vendors are releasing cleaning tools that are really command-line tools, so some step-by-step notes are added below.] I’m sure you’re almost as bored with this issue as I am with the
April Fools New Conficker Worm Variant Arrives April 1st
Audio: /us/resources/podcasts/031709_ESET_Conficker.mp3, Transcript: /us/resources/podcasts/transcripts/April Fools New Conficker Worm Variant Arrives April 1st.pdf
Conficker: Before the Flood (April Showers)
I don’t, of course, know for sure what’s going to happen on April 1st, when Conficker is timed, potentially, to go to its next stage of evolution. We do know, from inspecting code in the variants and subvariants that have come our way, that infected machines will be looking for instructions and updates on that date. At the very least,