Find out how much you know about the Conficker worm. (Fill in the blank.)

 

1. Conficker was first spotted ________ on November 21, 2008. It exploits a vulnerability in the Windows Server service. (Hint: Opposite of “in the lab.”) 

Answer

 

2. Conficker gets into a computer if it is running an unprotected Microsoft operating system that receives a specially crafted RPC request from a website. What does RPC stand for? 

Answer

 

3. Once a computer is infected, it stops Microsoft’s WUS and disables anti-virus tools. What is Microsoft’s WUS?

 Answer

 

4. Some versions of Conficker use secret websites to deliver updates to the worm. To hide the sites from law enforcement, the worm generates about 50,000 decoy ______________s each day. 

Answer

 

5. Some versions of the worm include  ________ functionality so that infected computers can communicate between themselves.

 Answer

 

6. Some versions of the worm use the MD6 hashing algorithm to obscure communication between infected PCs.  The algorithm was developed at MIT by Professor Ronald L. Rivest. What other cryptography algorithm is he associated with? 

Answer

 

7. It’s widely believed that the cyber-criminals behind this worm are building a ________ that can be rented out.

 Answer

 

8. _________ has put up a $250,000 reward for any information that leads to the arrest of a Conficker programmer. 

Answer

 

9.  Other crooks are exploiting the notoriety of the worm to distribute their malicious code from domains ranked highly in Internet searches for this media-crazed keyword. 

Answer

 

10. F-Secure.com has identified several _________ anti-virus products for sale that do nothing but frighten Internet visitors and take their money. 

Answer

 

Learn more

Microsoft calls next Conficker variant 'manageable.'

Is the Conficker botnet ready to be split and sold?

Microsoft has offered a $250K bounty for the Conficker writer.

This was last updated in April 2009
Posted by: Margaret Rouse

Related Terms

Definitions

  • Trusted Platform Module (TPM)

    - A Trusted Platform Module (TPM) is a specialized chip on an endpoint device that stores RSA encryption keys specific to the host system for hardware authentication. (WhatIs.com)

  • Google dork query

    - Google dorking, also known as Google hacking, can return information that is difficult to locate through simple search queries. That description includes information that is not intended for public... (WhatIs.com)

  • active attack

    - An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target. In a masquerade attack, for example, the intruder pretends to ... (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About Quiz: Conficker wormPowered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.