Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Conficker Continues to Impact Networks InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Conficker Continues to Impact Networks

Published: 2009-09-25
Last Updated: 2009-09-25 21:39:11 UTC
by Deborah Hale (Version: 1)
2 comment(s)


It appears that Conficker is still alive and well.

I heard about a local company today who on Monday of this week started having some pretty strange goings on in their network and called in their consultants to try to figure out what was happening.  It turns out after much time spent trying to determine what was going, it was "just another Conficker Outbreak".   (Still working on it as a matter of fact). They do have anti virus however the infection went undetected for quite some time.  Why?  Because Conficker did what Conficker does and it over rode the security software and antivirus software to allow them to do their dastardly deeds while remaining undetected.  This company has close to 100 computers and more than 50% of them have been infected, some for a while it seems.  Conficker has continued to grow its little Botnet and the BotHerder is still spreading their damage.  If you look at the "pictorial" representation of the spread in the US alone from January to July it is pretty amazing.

We also received an email today from a reader whose company was experiencing Conficker activity.  So perhaps there is a new wave of the bad guy coming.  So just a reminder - quick check -

If this Eye Chart doesn't display the logo's for 6 of the top security sites in the world, you may be infected and will be the next to fall to the plight of the Conficker Worm.


Deb Hale Long Lines, LLC

2 comment(s)
Diary Archives