InfoSec Handlers Diary Blog

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

Conficker update with payload

Published: 2009-04-09
Last Updated: 2009-04-09 13:44:52 UTC
by Johannes Ullrich (Version: 1)

Various sources report that some conficker infected systems are receiving updates now. The update may include a keylogger and other code to exfiltrate data. We will keep this diary updates as we hear more. The update is delivered using the P2P mechanism and not the (disfunct) web sites.

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute Follow me on Twitter

Keywords: conficker downadup keylogger

1 comment(s)

Top of page

Diary Archives