7 Million still infected by Conficker A+B+C

Discussion in 'malware problems & news' started by Searching_ _ _, Dec 16, 2009.

Thread Status:
Not open for further replies.
  1. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Conficker may be forgotten, but it's not gone...

    Conficker stats and charts page
     
  2. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
  3. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @mvario

    Thanks for updating :thumb:

    Very good read, and i liked his analogies which would make it easily understandable to a lot more people. Some journo's write too much techno babble that isn't as straightforward for most people to absorb, if at all.

    I knew Conficker used crypto, but i wasn't aware of the MD-6 SHA-3 encryption aspect that they incorporated into it. And the proposal for the new standard was only submitted about a month before Conficker first appeared. Very clever :D

    One of the best accounts i've read on ANY malware etc :thumb:
     
  4. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,028
    Location:
    Lloegyr
  5. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    757
    Good Read Indeed
     
  6. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,267
    Location:
    England
    Best article I've read for a long time.

    Thanks for posting it mvario.
     
  7. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    I enjoyed the article myself, but I'm still a bit confused about the use of MD6. The author talks a little about public key encryption but MD6 is a hash (one-way) algorithm (used for signatures, authentication, etc), so I'm not really understanding its place in Conficker.
     
  8. Wow, creepy. I had no idea that Conficker was so expertly engineered. Wonder what the heck it's being used for.

    Edit: and one other thing - the article states that Conficker can exploit its hole even on machines that are firewalled. How on Earth is that supposed to work? :eek:
     
    Last edited by a moderator: May 12, 2010
  9. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,127
    Location:
    USA
    Great read. Wonder what's next "D"?
     
  10. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343

    Hmm, I found this line funny:

    I don't think so. The Windows updates only patch the core OS and other M$ products (Office, IE, etc.). They do not patch any other software running on the machine. And since most software still requires admin access, this means vulnerable 3rd party software = total machine pwnage.

    Also the article seems to imply that SHA-2/3 is an encryption cipher. It is not. It's a cryptographic hash function (so is MD6) that is used in conjunction with a cipher like AES. There is a difference.
     
    Last edited: May 13, 2010
Loading...
Thread Status:
Not open for further replies.