Conficker

A loophole anywhere in a system will undoubtedly be exploited sooner or later. Conficker, Downup, Downadup, and Kido are all names for the same computer virus that hit the Web in 2008. Its spreading techniques included copying itself to shared folders and using the AutoRun utility for removable media.

Once a computer has been infected, Conficker disables Windows system security services and automatic backup settings, deletes restore points, and makes security-related websites inaccessible. Despite its wide distribution and the hassle of getting rid of it, the worm itself did not cause much damage.

What is Conficker?

Conficker is a rapidly spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.

It was first detected in November 2008. Since then, Conficker has infected millions of computers and set up the infrastructure for a botnet.

The worm is set to contact its controlling computers and presumably perform other actions on April 1. Some experts have speculated that attackers would rent parts of the botnet to criminals who would use them for spam, identity theft, phishing exploits, and other malicious activities.

Like most malware today, Conficker is a mixed threat, combining the functionality of several different approaches. Once it infects a computer, it disables many security features and automatic backup settings, deletes restore points, and opens connections to receive instructions from a remote computer. Once the first computer is configured, Conficker uses it to access the rest of the network.

Conficker can spread by several means: by copying itself to shared folders, for example, or by exploiting the AutoRun utility for removable media. There are three variations of Conficker. Conficker C, the most recent version, leverages peer-to-peer networking capabilities to improve delivery.
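An added example (not part of the original article): a defensive audit for the removable-media AutoRun vector described above. It lists the entries in an autorun.inf file that launch a program and reports which drive types a NoDriveTypeAutoRun policy value leaves AutoRun enabled for. The sample file contents, file names, and function names are constructed for illustration.

```python
import re

# [autorun] keys that make Windows run a program from the drive.
EXEC_KEYS = re.compile(r"(open|shellexecute|shell\\[^\\=]+\\command)", re.I)

# Drive-type bits of the NoDriveTypeAutoRun policy value (bit set = AutoRun off).
DRIVE_BITS = {"removable": 0x04, "fixed": 0x08, "network": 0x10, "cdrom": 0x20}


def audit_autorun(raw: bytes):
    """Return (key, command) pairs in an autorun.inf that launch code.

    Decodes byte-for-byte and ignores every line that is not a clean
    key=value entry, so junk padding cannot hide real entries or crash
    the parser the way it would a strict INI reader.
    """
    findings, section = [], None
    for line in re.split(r"[\r\n]+", raw.decode("latin-1")):
        line = line.strip(" \t\x00")
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, _, value = line.partition("=")
            if EXEC_KEYS.fullmatch(key.strip()) and value.strip():
                findings.append((key.strip().lower(), value.strip()))
    return findings


def autorun_enabled_types(policy_value: int):
    """List drive types for which the policy value leaves AutoRun enabled."""
    return [name for name, bit in DRIVE_BITS.items() if not policy_value & bit]


# Constructed sample: junk bytes around two launching entries.
SAMPLE = (
    b"\xd3\x8aqz\x01 padding\r\n"
    b"[AutoRun]\r\n"
    b"\x9ckq0=\xf1\xf2\r\n"
    b"label=Backup\r\n"
    b"OPEN=helper.exe /quiet\r\n"
    b"; shell\\fake\\command=ignored.exe\r\n"
    b"shell\\explore\\command = tools\\run.exe\r\n"
)

if __name__ == "__main__":
    for key, cmd in audit_autorun(SAMPLE):
        print(f"launches code: {key} -> {cmd}")
    print("AutoRun still enabled for:", autorun_enabled_types(0x91))
```

A policy value of 0xFF sets every drive-type bit, so the second function returns an empty list for it.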

Conficker is also known by other names: Downup, Downadup, and Kido.

It is a computer worm targeting the Microsoft Windows operating system that was first discovered in November 2008.

It spreads by taking advantage of Windows OS software vulnerabilities as well as dictionary attacks on administrator passwords, building up a botnet, and has been notoriously difficult to counter because it blends together many advanced malware techniques. The Conficker worm had infected millions of computers, including government, business, and home computers, in over 190 different countries, making it the biggest known computer worm infection since the 2003 Welchia.

Conficker was first detected in November 2008. It spread so quickly that it was considered the biggest worm infection since the 2003 SQL Slammer. Researchers believe that it had reached more than 9 million home, business, and government computers in over 200 countries at the end of January 2009.

The name is said to have been coined by combining the words “configuration” and “ficker.” Another origin suggested by Microsoft analyst Joshua Phillips is that it was derived from trafficconverter.biz, as a rearrangement of the letters of the domain (even though the domain name does not contain the letter “k”). This site is used by Conficker as a blind spot to download its updates.

There are five Conficker variants, named A to E.

Each variant is an improvement on the previous one and contains more defense mechanisms against detection.

The first iteration of the worm spread over the Internet by exploiting a vulnerability in the Windows network service. The second variant of the virus added the ability to spread through local area networks, removable storage, and network shares. The later variants improved the worm’s encryption capability and detection prevention.

Although Conficker’s methods are well known to researchers, its combined use of so many defense methods makes its total eradication very difficult. The constant updating of the worm also serves to keep it alive. Whenever a fix has been made, its authors update the worm to remove its vulnerability to that fix.

RAM Research Center