Name: Conficker.C

Technical name: W32/Conficker.C.worm

Threat level: High

Alias: WORM_DOWNAD.AD, W32.Downadup, Net-Worm.Win32.Kido.cn

Type: Worm

Effects: It exploits the MS08-067 vulnerability in the Windows Server Service in order to spread itself. It also spreads through shared and removable drives. It considerably reduces the protection level of the computer, modifies the security policies of the user accounts and attempts to download another type of malware to the affected computer.

Affected platforms: Windows 2003/XP/2000/NT/ME/98/95

First detected on: Dec. 31, 2008

Detection updated on: March 18, 2009

Statistics: Yes

Proactive protection: Yes, using TruPrevent Technologies

Brief Description:

Conficker.C is a worm that exploits MS08-067, a vulnerability in the Windows Server Service that allows remote code execution.
If the system date is after January 1, 2009, it tries to connect to a certain website in order to download and run another type of malware on the affected computer.
On the one hand, it considerably reduces the protection level of the computer, as it prevents the user and the computer from connecting to many websites related to antivirus companies.
On the other, it uses weak passwords to access the user accounts in order to modify their security policies.
Conficker.C spreads by exploiting the MS08-067 vulnerability. To do so, it sends malformed RPC requests to other computers, onto which it attempts to copy itself. Additionally, it spreads through shared and removable drives.

It is highly recommended to download and apply the security patch for the vulnerability MS08-067. Click here to access the web page for downloading the patch.


News from Tech.yahoo

In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.

Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.

Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.

At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.

Microsoft also offers a free online safety scan here, which should be able to detect all Conficker versions.
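The news item above describes Conficker contacting its controllers through a large, daily-changing set of addresses. The sketch below is an added example, not code from either source: it triages a DNS resolver log for that pattern by flagging clients that look up many distinct names in a day when most of them do not exist. The log format, the sample addresses and names, and both thresholds are assumptions made for illustration.

```python
from collections import defaultdict

def build_sample():
    """Constructed resolver log lines: '<date> <client> <queried-name> <rcode>'."""
    # A normal host retrying one missing name many times (should not be flagged).
    log = ["2009-04-01 10.0.0.5 wpad.corp.example NXDOMAIN"] * 50
    log += ["2009-04-01 10.0.0.5 www.example.com NOERROR",
            "2009-04-01 10.0.0.5 mail.example.com NOERROR"]
    # A host cycling through many different names that do not resolve.
    log += [f"2009-04-01 10.0.0.7 kq{i:03d}zx.invalid NXDOMAIN" for i in range(40)]
    log += ["2009-04-01 10.0.0.7 www.example.com NOERROR",
            "2009-04-01 10.0.0.7 update.example.net NOERROR",
            "malformed line"]
    return log

def parse(lines):
    """Yield (day, client, name, rcode) for well-formed lines; skip the rest."""
    for line in lines:
        parts = line.split()
        if len(parts) == 4:
            day, client, name, rcode = parts
            yield day, client, name.lower().rstrip("."), rcode.upper()

def suspicious_clients(lines, min_names=30, min_nx_ratio=0.8):
    """Return {(day, client): (distinct_names, nx_ratio)} for clients over both
    thresholds. Thresholds are illustrative assumptions; tune them per network."""
    seen = defaultdict(dict)  # (day, client) -> {name: True if NXDOMAIN}
    for day, client, name, rcode in parse(lines):
        seen[(day, client)][name] = (rcode == "NXDOMAIN")
    flagged = {}
    for key, names in seen.items():
        # Count distinct names, so repeated retries of one name carry no weight.
        ratio = sum(names.values()) / len(names)
        if len(names) >= min_names and ratio >= min_nx_ratio:
            flagged[key] = (len(names), round(ratio, 2))
    return flagged

if __name__ == "__main__":
    for (day, client), (names, ratio) in suspicious_clients(build_sample()).items():
        print(f"{day} {client}: {names} distinct names, {ratio:.0%} NXDOMAIN")
```

A flagged client is a lead for further inspection with an up-to-date scanner, not proof of infection.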


Source:

1) http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?idvirus=204292
2) http://tech.yahoo.com/blogs/null/128643/beware-conficker-worm-come-april-1/
