Find out how much you know about the Conficker worm. (Fill in the blank.)

1. Conficker was first spotted ________ on November 21, 2008. It exploits a vulnerability in the Windows Server service. (Hint: Opposite of “in the lab.”) 

Answer

2. Conficker gets into a computer if it is running an unprotected Microsoft operating system that receives a specially crafted RPC request from a website. What does RPC stand for? 

Answer

3. Once a computer is infected, it stops Microsoft’s WUS and disables anti-virus tools. What is Microsoft’s WUS?

 Answer

4. Some versions of Conficker use secret websites to deliver updates to the worm. To hide the sites from law enforcement, the worm generates about 50,000 decoy ______________s each day. 

Answer

5. Some versions of the worm include  ________ functionality so that infected computers can communicate between themselves.

 Answer

6. Some versions of the worm use the MD6 hashing algorithm to obscure communication between infected PCs.  The algorithm was developed at MIT by Professor Ronald L. Rivest. What other cryptography algorithm is he associated with? 

Answer

7. It’s widely believed that the cyber-criminals behind this worm are building a ________ that can be rented out.

 Answer

8. _________ has put up a $250,000 reward for any information that leads to the arrest of a Conficker programmer. 

Answer

9.  Other crooks are exploiting the notoriety of the worm to distribute their malicious code from domains ranked highly in Internet searches for this media-crazed keyword. 

Answer

10. F-Secure.com has identified several _________ anti-virus products for sale that do nothing but frighten Internet visitors and take their money. 

Answer

Learn more

Microsoft calls next Conficker variant 'manageable.'

Is the Conficker botnet ready to be split and sold?

Microsoft has offered a $250K bounty for the Conficker writer.