Conficker: MS Alert, Prevention, and Recovery

Mousey

Ueber Meister Mouse
I personally don't think this will be such a big deal on April 1, but I also think the majority of those whose computers are infected have no clue... But... better safe than sorry. Let's be careful out there.

 

vinylweatherman

You type well loads
CAG
MM
Win32/Conficker.B has multiple propagation methods. These include the following:
Exploitation of the vulnerability that is patched by security update 958644 (MS08-067)
The use of network shares
The use of AutoPlay functionality
Therefore, you must be careful when you clean a network so that the threat is not reintroduced to systems that have previously been cleaned.

Oh Dear! Better empty all the money out of my MGS casinos before the 1st then :D
 

Mousey

Ueber Meister Mouse
Conficker Wakes Up ... quietly

April 8, 2009 3:27 PM PDT

by Elinor Mills

The Conficker worm is finally doing something--updating via peer-to-peer between infected computers and dropping a mystery payload on infected computers, Trend Micro said on Wednesday.

Researchers were analyzing the code of the software that is being dropped onto infected computers but suspect that it is a keystroke logger or some other program designed to steal sensitive data off the machine, said David Perry, global director of security education at Trend Micro.

The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according ...
 

Mousey

Ueber Meister Mouse
Conficker worm hits University of Utah computers


Posted on - Sun Apr 12, 2009 8:11AM EDT


SALT LAKE CITY - University of Utah officials say a computer virus has infected more than 700 campus computers, including those at the school's three hospitals.

University health sciences spokesman Chris Nelson said the outbreak of the Conficker worm, which can slow computers and steal personal information, was first detected Thursday. By Friday, the virus had infiltrated computers at the hospitals, medical school, and colleges of nursing, pharmacy and health.

Nelson says patient data and medical records have not been compromised.

"That's secured in a much deeper way ...
 

Mousey

Ueber Meister Mouse
Conficker virus begins to attack PCs: experts


By Jim Finkle - Fri Apr 24, 2009 5:32PM EDT

BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said.

The worm started spreading late last year, infecting millions of computers and turning them into "slaves" that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.

Its unidentified creators started using those machines for criminal purposes in recent weeks ...
 

vinylweatherman

You type well loads
CAG
MM

By Jim Finkle - Fri Apr 24, 2009 5:32PM EDT

BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said.

The worm started spreading late last year, infecting millions of computers and turning them into "slaves" that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.

Its unidentified creators started using those machines for criminal purposes in recent weeks ...
I have seen a more than 100% increase in the messages sent to my private email address, so perhaps this is an indication that quite a few machines have been infected, and are now being used.

Funnily enough, I am NOT seeing much of an increase in spam to my two other "public" email addresses, so it seems these spammers are not spamming randomly, but are using lists of "good" email addresses they have bought. Although private, this email address is MORE likely to be traded between businesses, or provided to subcontractors, than my public ones.
 