Since then, two variants have been spotted as the virus has gone on to infect more than 10m PCs. Despite being tracked for several months, however, the truth about Conficker's motivations and origins remain clouded.
Last weekend, one team of researchers suggested that they may have discovered a "fingerprint" inside the worm which should make it possible to scan computers for the infection, making removal easier. Usual methods of unpacking the virus code to examine its workings have been thwarted because the authors have encrypted it, using algorithms that render it almost uncrackable.
In the meantime, Conficker has gone on to become one of the most widespread internet worms in recent years. Last week a leaked memo revealed that the House of Commons computer system had become infected, leading to concerns that confidential or highly sensitive material could be stolen when the virus next updates. In the document, Joan Miller, the director of parliamentary computer services, said that her team were "continuing to work with our third party partners to manage its removal and we need to act swiftly to clean computers that are infected".
Ordinary PC users are being advised to keep their anti-virus software up to date and watch for news about the worm. Cluley suggested that the widespread coverage could help lessen the potential impact. Travis the translator aims to make people understood Jan 10, Sep 02, Aug 11, Load comments 5. Let us know if there is a problem with our content. Your message to the editors. Your email only if you want to be contacted back. Send Feedback. Thank you for taking time to provide your feedback to the editors.
E-mail the story Conficker worm hits University of Utah computers. Your friend's email. Your email. I would like to subscribe to Science X Newsletter.
Learn more. Your name. Note Your email address is used only to let the recipient know who sent the email. Your message. Your Privacy This site uses cookies to assist with navigation, analyse your use of our services, collect data for ads personalisation and provide content from third parties.
Ok Cookie options. E-mail newsletter. It appears that you are currently using Ad Blocking software. What are the consequences? Worm program authors often hide in those countries to stay out of sight from law enforcement, he said.
In a way, the Conficker Cabal is also looking for the program author's fingerprints. DeBolt said security researchers are looking through old malware programs to see if their programming styles are similar to that of Conficker C. One quick way to see if your computer has been infected is to see if you have gotten automatic updates from Windows in March. If so, your computer likely is fine, DeBolt said.
Microsoft released a statement saying the company "is actively working with the industry to mitigate the spread of the worm. DeBolt said people who use other antivirus software should check to make sure they've received the latest updates, which also could have been disabled by Conficker C. That version used Web addresses -- generated daily by the system -- as the means of communication between the master computer and its zombies. The end goal of the first line was to sell computer users fake antivirus software, said Morganelli.
Computer security experts largely patched that problem by working with the Internet Corporation for Assigned Names and Numbers to disable or buy the problematic URLs, he said.
That process-of-elimination approach isn't likely to be effective with Conficker strain C, Morganelli said.
The new version will generate 50, URLs per day instead of just when it becomes active, DeBolt said. The first iteration of Conficker is thought to have grown out of a free function for security programs created by Dr. Ronald Rivest, a computer science professor at the Massachusetts Institute of Technology.
Many viruses have taken pieces of benevolent programs and used them for ill.
0コメント