Welcome to p2pnet.net - The original daily p2p and digital news site. Always First!
REGISTER | LOGIN
Cool Stuff
MPAA News
Games / Consoles
News
Music
Movies
Reviews
Open Source
Mobiles
Advertising
Products
P2P
Off Topic
Freedom
Politics
Interviews
Security
DRM
Links
Kids and Kartels
Scroogle Search: 
Search
 
Web p2pnet   
   Search: 
Search
Torrent Site Tracker
    Sponsored by
Frostwire
 
p2pnet
 


mp3rocket
 
Add real-time p2pnet headlines to YOUR site ! Click here to download our newsfeed code

Conficker C: poised to strike April 1

p2pnet news view | Security:- April 1 is nigh and with it looms Conficker C.

“This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors,” explained Bill Thompson on Monday, going on »»»

Since it first appeared last October it has apparently infected over fifteen million computers around the internet, though even that number is no more than an educated guess because the worm works very hard to disguise its presence on a PC.

Conficker spreads through a security vulnerability in the Windows Server Service that allows a carefully written program to persuade the attacked computer to run malicious code instead of the Microsoft-written software.

Once installed it turns off Windows Automatic Update and stops you using the Windows Security Centre. It disables a range of internal services that could be used by anti-malware programs, blocks access to a number of anti-virus websites and and even resets and deletes system restore points so you can’t go back to an uninfected installation of your operating system.

And at some point it connects to a remote site to download additional malware and register itself as part of the botnet. The analysis of the latest version indicates that this will next happen on April 1st, and the day may be be a bad one because the way it does this has changed in the latest version of the worm, making it significantly harder to stop.

There’s a bounty worth $250,000 on the heads of the Conficker creators and the CBC has Byron Holland, CEO of the Canadian Internet Registration Authority, a non-profit organization that represents those who hold a .ca domain, saying:

“We’re going to do everything possible to make this extremely inhospitable terrain for any worm, this one in particular.

“This is the first virus that’s really focused on domain names as part of propagating the virus itself.”

Conficker C’s authors have programmed their worm to randomly generate domain names from 110 country-code domains around the world, including dot-ca, says the CIRA.

On its website, “CIRA`s efforts include pre-emptively registering and isolating previously unregistered dot-ca domain names expected to be generated over the next 12 months by Conficker C,” it states.

“This move, which covers the vast majority of affected names during that period, will prevent registration of those domains by undesirable actors. In the small number of cases where the domain name has already been registered, CIRA will actively investigate and monitor activities at those domains and take appropriate action if suspicious activity is detected.

“For security reasons, CIRA is not willing to provide further details.”

Said Thompson:

“Whatever happens with this particular worm, we have to hope that the security features in Windows 7 will reduce the impact of all types of malicious software in the Microsoft ecosystem, although there will probably be enough unpatched systems around for some years to sustain Conficker and other worms, especially if the growth of netbooks means that Windows XP is still being used.

“But while it`s easy to blame Microsoft for making their systems vulnerable we should also acknowledge that our own demands have contributed a great deal to the current situation and may make a complete solution unachievable.

“We have demanded complex, sophisticated computers that are easy to use, simple to interact with and able to connect to the internet as full peers. We want what Jonathan Zittrain calls `generative` systems that can run new software to take advantage of new services and connect us to new people. And we do not want to spend hours configuring firewalls, locking down features or scanning for potential malware.”

Perhaps we shouldn’t be surprised that attempts to make these systems secure have failed, he added.

explained Bill Thompson – Conficker worm – The Return?, March 23, 2009
CBC – Group launches strategy to block Conficker worm from .ca domain, March 24, 2009

Use free p2pnet newsfeeds for your site. It`s really easy!
Subscribe to p2pnet.net | | rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php

Net access blocked by government restrictions? Use Psiphon from the Citizen Lab at the University of Toronto. Go here for details.

This entry was posted on Wednesday, March 25th, 2009 at 8:53 am and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

HOME

Viewed 13023 times

« previous
next »

2 Responses to “Conficker C: poised to strike April 1”

  1. rezki Says:
    March 25th, 2009 at 11:28 pm

    conficker, the bad virus. i think it is the time to get virus conficker removal tool. take it here http://benshared.com/virus-conficker-cleaner-pcmav-express.html

  2. lambda Says:
    April 1st, 2009 at 11:45 am

    If you want to be infected go and try the link above !

Leave a Reply

ONLY items referencing the post at hand, please. No links to personal sites, no personal attacks, trolling, freebie advertising, or off-topic posts. Thanks. And Cheers!

    Sponsored by
tek savvy