The Reason behind Conficker

If you are in the security field, you probably had heard about the Conficker Worm. But for everyone else who is interested in Information Security, or anybody in the IT field, or even anyone who owns a PC, this is a concern. The Conficker Worm was on of the highlights of the first quarter of last year and the end of 2008. You will find the link at the bottom of this post that tells you all about Conficker. This post is to show you the reason behind Conficker and how it came to live. It started in October 23, 2008 when Microsoft reported a Vulnerability in their
Windows platform regarding its Networking services, MS08-067. This vulnerability allows Remote Code Execution with System level privileges. That means once you are hacked, the attacker can do whatever he wants on your machine. For Cyber-criminals this is a perfect environment for a worm spread. So they did not waste anytime and took advantage of this vulnerability. Less than a month after MS08-067 was reported, on November 21, 2008 we saw the first generation of Conficker. By January 2009, the number of infected machines ranged between 9-15 million. Today, we can still see the affect of the Conficker Worm, as Cyber-Criminals has been using all the infected machine as Cyber real state for Malware distributors. Below you will find a demo of how to trigger the vulnerability and all the links you might need on how to detect and protect against this vulnerability.

Microsoft Advisory
Microsoft Security Update
Microsoft® Windows® Malicious Software Removal Tool
Secunia Advisory


Popular posts from this blog

PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions


A Quick Dip into MuddyWater's Recent Activity