Browse Definitions:
Definition

Conficker

What is conficker?

Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.

Also known as Downadup, Conficker was discovered in November 2008. Since that time, Conficker has infected millions of computers and established the infrastructure for a botnet.

The worm is scheduled to contact control computers and, presumably, carry out some further action on April 1. Some experts have speculated that the attackers will lease parts of the botnet to criminals who will use them for spam, identity theft, phishing exploits and other malicious activities.

Like most current malware, Conficker is a blended threat, combining features of several different approaches. Once Conficker infects a computer, it disables many security features and automatic backup settings, deletes restore points and opens connections to receive instructions from a remote computer. Once the first computer is configured, Conficker uses it to gain access to the rest of the network.

Conficker can spread by several means, copying itself to shared folders, for example, or exploiting the AutoRun utility for removable media. There are three variants of Conficker. Conficker C, the most recent version, exploits peer-to-peer networking capabilities to enhance its spread.

To protect your computer from Conficker, experts recommend that you:

  • Keep your system's patches up to date.
  • Maintain a good anti-virus product.
  • Disable AutoRun.
  • Use strong passwords.
  • Ensure that shared folders are secured.

 

Learn More About IT:
> Microsoft has more information about Conficker in its Malware Protection Center.
> Wikipedia maintains an entry about Conficker.
> Robert Westervelt reports on a flaw found in Conficker coding.
> Symantec offers  more information about Conficker and free removal tools.
> On CNET news, Elinor Mills writes that the 'Conficker time bomb ticks but don't expect boom.'

This was last updated in March 2009

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if ...

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • audit program (audit plan)

    An audit program, also called an audit plan, is an action plan that documents what procedures an auditor will follow to validate ...

SearchSecurity

  • insider threat

    Insider threat is a generic term for a threat to an organization's security or data that comes from within.

  • ransomware

    Ransomware is a subset of malware in which the data on a victim's computer is locked, typically by encryption, and payment is ...

  • hacker

    A hacker is an individual who uses computer, networking or other skills to overcome a technical problem.

SearchHealthIT

SearchDisasterRecovery

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

SearchStorage

SearchSolidStateStorage

  • 3D XPoint

    3D XPoint is memory storage technology jointly developed by Intel and Micron Technology Inc.

  • RRAM or ReRAM (resistive RAM)

    RRAM or ReRAM (resistive random access memory) is a form of nonvolatile storage that operates by changing the resistance of a ...

  • JEDEC

    JEDEC is a global industry group that develops open standards for microelectronics.

SearchCloudStorage

  • Google Cloud Storage

    Google Cloud Storage is an enterprise public cloud storage platform that can house large unstructured data sets.

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

Close