Comments on: Conficker (AKA Downadup or Kido) Infections Skyrocket To An Estimate 9 Million

By: dblackshell

dblackshell — Sun, 25 Jan 2009 18:05:30 +0000

Jhon

Apparently it uses a complex algorithm that is able to mutate or change makeing it hard to track

When I read stuff like this it makes me laugh, because If malware authors would have to learn something from virus authors, than they should have learned Polymorphism, Metamorphism.

As for this case, I quite wonder of the “complexity” of the algorithm. I’m no algorithm guru, but have studied some polymorphic viruses till now, so I would be hardly surprised.

By: Jhon

Jhon — Fri, 23 Jan 2009 17:36:17 +0000

I have a few friends who have caught this virus as they have found files on their USB that just appeared but when it gets inside your computer as the article says it alters itself. Apparently it uses a complex algorithm that is able to mutate or change makeing it hard to track. But according to the BBC the worst is yet to come. If the hackers decide to use the virus they can take full control over the systems. Thats if they choose to do it.

By: Extremesecurity

Extremesecurity — Fri, 23 Jan 2009 10:31:03 +0000

Did Downadup/conficker attack your network? I’ve created a batch file for system administrators to clean/patch/cure infected systems in their networks.

check it out here:

http://extremesecurity.blogspot.com/2009/01/beat-downadupconficker-like-pro-my.html

By: Olafur

Olafur — Wed, 21 Jan 2009 10:31:01 +0000

I must say that hackers to day, that do this are insanly smart :P

But this virus, and every virus. Can they travel to your computer for no reason (saying you didn’t click on a download), like finding your IP and just going into your computer ?
Just wondering because I haven’t had a virus protection on my computer for the last year and not a single virus, just simple cookies ?

By: Morgan Storey

Morgan Storey — Tue, 20 Jan 2009 23:39:43 +0000

I am of the opinion if you can’t afford/don’t want to pay for windows then go Linux. At least then you get updates, and will have less issues. Windows is good, but if you don’t get updates due to a cracked version then you are part of the problem.
All my windows machines have this update, and I have seen this virus in the wild on a USB stick, it is a nasty one.

By: Bogwitch

Bogwitch — Mon, 19 Jan 2009 20:00:27 +0000

There appears to be some discrepancies at to the true number of infected machines, with some reports citing 500,000 unique IP addresses infected.

I don’t think it matters too much whether it was reported privately or not; once the hotfix is released it will be diffed to see what was fixed from the previous version. From there it is not difficult to work out how to exploit the vulnerability.

I am not suprised that such a large number of machines are unpatched, given the WGA. Microsoft is damned if they do and damned if they don’t. If all Windows was patched, there would be little effect from this but that would mean Microsoft would have to accept that there are unlicensed copies out there. As it is, there is now more ammo for the ‘Microsoft is insecure’ brigade due to the fact that Microsoft won’t allow patches for rogue systems.
That said, I was talking to a guy whose organisation had been hit and their copies of Windows were licensed unfortunately, their patching policy was ‘ineffective’!

By: navin

navin — Mon, 19 Jan 2009 17:15:04 +0000

cheers!! :)