Browse Definitions:
Definition

Conficker

What is conficker?

Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.

Also known as Downadup, Conficker was discovered in November 2008. Since that time, Conficker has infected millions of computers and established the infrastructure for a botnet.

The worm is scheduled to contact control computers and, presumably, carry out some further action on April 1. Some experts have speculated that the attackers will lease parts of the botnet to criminals who will use them for spam, identity theft, phishing exploits and other malicious activities.

Like most current malware, Conficker is a blended threat, combining features of several different approaches. Once Conficker infects a computer, it disables many security features and automatic backup settings, deletes restore points and opens connections to receive instructions from a remote computer. Once the first computer is configured, Conficker uses it to gain access to the rest of the network.

Conficker can spread by several means, copying itself to shared folders, for example, or exploiting the AutoRun utility for removable media. There are three variants of Conficker. Conficker C, the most recent version, exploits peer-to-peer networking capabilities to enhance its spread.

To protect your computer from Conficker, experts recommend that you:

  • Keep your system's patches up to date.
  • Maintain a good anti-virus product.
  • Disable AutoRun.
  • Use strong passwords.
  • Ensure that shared folders are secured.

 

Learn More About IT:
> Microsoft has more information about Conficker in its Malware Protection Center.
> Wikipedia maintains an entry about Conficker.
> Robert Westervelt reports on a flaw found in Conficker coding.
> Symantec offers  more information about Conficker and free removal tools.
> On CNET news, Elinor Mills writes that the 'Conficker time bomb ticks but don't expect boom.'

This was last updated in March 2009

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

  • PCAOB (Public Company Accounting Oversight Board)

    The Public Company Accounting Oversight Board (PCAOB) is a Congressionally-established nonprofit that assesses audits of public ...

  • cyborg anthropologist

    A cyborg anthropologist is an individual who studies the interaction between humans and technology, observing how technology can ...

  • RegTech

    RegTech, or regulatory technology, is a term used to describe technology that is used to help streamline the process of ...

SearchSecurity

  • email spam

    Email spam, or junk email, is unsolicited bulk messages sent through email with commercial, fraudulent or malicious intent.

  • distributed denial of service (DDoS) attack

    A distributed denial-of-service attack occurs when an attack originates from multiple computers or devices, usually from multiple...

  • application whitelisting

    Application whitelisting is the practice of identifying applications that have been deemed safe for execution and restricting all...

SearchHealthIT

  • athenahealth Inc.

    Based in Watertown, Mass., athenahealth Inc. is a leading vendor of cloud-based EHRs for small to medium-sized physician ...

  • Affordable Care Act (ACA or Obamacare)

    The Affordable Care Act (ACA) is legislation passed in 2010 that changed how uninsured Americans enroll in and receive healthcare...

  • HIPAA Privacy Rule

    The Standards for Privacy of Individually Identifiable Health Information, commonly known as the HIPAA Privacy Rule, establishes ...

SearchDisasterRecovery

  • disaster recovery as a service (DRaaS)

    One approach to a strong disaster recovery plan is DRaaS, where companies offload data replication and restoration ...

  • data recovery

    Data recovery restores data that has been lost, accidentally deleted, corrupted or made inaccessible. Learn how data recovery ...

  • disaster recovery plan (DRP)

    A company's disaster recovery policy is enhanced with a documented DR plan that formulates strategies, and outlines preparation ...

SearchStorage

  • virtual memory

    Virtual memory is a memory management capability of an OS that allows a computer to compensate for physical memory shortages by ...

  • yottabyte (YB)

    A yottabyte is a measure of theoretical storage capacity and is 2 to the 80th power bytes, or, in decimal, approximately 1,000 ...

  • Kilo, mega, giga, tera, peta, exa, zetta and all that

    Kilo, mega, giga, tera, peta, exa, zetta are among the list of prefixes used to denote the quantity of something, such as a byte ...

SearchSolidStateStorage

  • PCIe SSD (PCIe solid-state drive)

    A PCIe SSD (PCIe solid-state drive) is a high-speed expansion card that attaches a computer to its peripherals.

  • SSD caching

    SSD caching, also known as flash caching, is the temporary storage of data on NAND flash memory chips in a solid-state drive so ...

  • NVDIMM (Non-Volatile Dual In-line Memory Module)

    An NVDIMM (non-volatile dual in-line memory module) is hybrid computer memory that retains data during a service outage.

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close