
21 January 2009

Conficker Worm Attack. How to Protect Yourself!

Fresh reports indicate that the Conficker computer worm, also known as Kido or Downadup, has infested 4 times more corporate systems around the world in the last few days. The worm has now infested nearly 8 million Microsoft Windows systems across the globe, up from just over 2 million 4 days back. Microsoft issued a critical patch in early 2008; however, many corporate computers still haven’t had the patch applied.

USB sticks are the primary mode of infection. It’s confirmed that Conficker cannot spread through the Internet or email. The main mode of transfer is when an infected laptop or USB stick is connected to the network. The worm piggybacks on USB sticks and then infects any Windows machine the stick is plugged into.

Conficker settles on a vulnerable system, one that doesn’t have the security patch applied, and then starts guessing the password to the system. The worm is believed to carry a list of common passwords and uses them to break the system’s password. Conficker will then propagate through the network, infesting systems and causing havoc on them.

It is very hard to remove the virus because it grabs control of the system even before the system starts. It attaches to the Windows processes “services.exe”, “explorer.exe” and “svchost.exe”, makes clones of itself, and registers as a DLL file with a random name. It disables and destroys Windows applications like “Windows Update” and “Windows Defender”. It grabs control of all security update features.

Once in, the worm checks several websites for the current date, then generates a domain name based on that date and downloads infected files from that domain. Conficker is very hard to remove because it registers itself as kernel drivers and as a copy of the critical services.
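Because the domain name depends only on the date, anyone who knows the generation routine can compute each day's names in advance and look for them in DNS logs. The example below is added here and is not from the original post: it uses a stand-in SHA-256 generator (an assumption, not Conficker's actual algorithm), and the function names, TLD list and log format are all constructed for illustration.

```python
import hashlib
from datetime import date, timedelta

TLDS = ("com", "net", "org", "info", "biz")  # constructed list for this example

def candidate_domains(day: date, count: int = 20) -> list:
    """Stand-in date-seeded generator (NOT Conficker's real algorithm)."""
    domains = []
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        length = 8 + digest[0] % 4                     # label of 8 to 11 letters
        label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
        domains.append(f"{label}.{TLDS[digest[31] % len(TLDS)]}")
    return domains

def watchlist(day: date, skew_days: int = 1) -> dict:
    """Map each candidate name to its seed date, including adjacent days so
    time-zone differences and queries logged near midnight are still caught."""
    names = {}
    for offset in range(-skew_days, skew_days + 1):
        seed = day + timedelta(days=offset)
        for name in candidate_domains(seed):
            names.setdefault(name, seed)
    return names

def infected_clients(log_lines, day: date) -> dict:
    """Return {client_ip: sorted watchlisted names it queried}."""
    names = watchlist(day)
    hits = {}
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:                   # skip malformed or truncated lines
            continue
        _ts, client, qname = parts
        qname = qname.rstrip(".").lower()     # normalise trailing dot and case
        if qname in names:
            hits.setdefault(client, set()).add(qname)
    return {client: sorted(found) for client, found in hits.items()}

def sample_log(day: date) -> list:
    """Constructed DNS query log: '<timestamp> <client ip> <queried name>'."""
    today, prev = candidate_domains(day), candidate_domains(day - timedelta(days=1))
    return [
        f"{day}T09:00:01Z 10.0.0.5 www.example.com",
        f"{day}T09:00:02Z 10.0.0.23 {today[0].upper()}.",
        f"{day}T00:00:03Z 10.0.0.23 {prev[3]}",
        f"{day}T09:00:04Z 10.0.0.42 {today[7]}",
        "truncated line",
    ]
```

Calling `infected_clients(sample_log(day), day)` flags the two clients that looked up generated names and ignores the ordinary lookup and the malformed line.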

To protect your system from this virus, install the patch from the Microsoft website (security bulletin MS08-067), then run the latest edition of the Windows Malicious Software Removal Tool.

2 comments:

Anonymous said...

I need someone who is infected with the Conficker virus and who knows a lot like me to help work with me on this.

Thank you
Cory Dennington

coffee maker said...

I've heard from multiple sources that the Conficker worm wouldn't be a threat to Mac users, thank goodness
