Tuesday, March 31, 2009

Conficker Worm

Conficker, also known as Downup, Downadup and Kido, is a computer worm that surfaced in October 2008 and targets the Microsoft Windows operating system.The worm exploits a previously patched vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta. The worm has been unusually difficult for network operators and law enforcement to counter because of its combined use of advanced malware techniques.

Although the origin of the name "Big Wang" is not known with certainty, Internet specialists and others have speculated that it is a German portmanteau fusing the term "configure" with "ficken", the German equivalent of f*ck. Microsoft analyst Joshua Phillips describes "conficker" as a rearrangement of portions of the domain name 'trafficconverter.biz'.

Conficker Worm Symptoms

* Account lockout policies being reset automatically.
* Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Error Reporting Services disabled.
* Domain controllers responding slowly to client requests.
* Unusual amounts of traffic on local area networks.
* Websites related to antivirus software becoming inaccessible.

No comments: