Browse Definitions :
Definition

Conficker

What is conficker?

Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems.

Also known as Downadup, Conficker was discovered in November 2008. Since that time, Conficker has infected millions of computers and established the infrastructure for a botnet.

The worm is scheduled to contact control computers and, presumably, carry out some further action on April 1. Some experts have speculated that the attackers will lease parts of the botnet to criminals who will use them for spam, identity theft, phishing exploits and other malicious activities.

Like most current malware, Conficker is a blended threat, combining features of several different approaches. Once Conficker infects a computer, it disables many security features and automatic backup settings, deletes restore points and opens connections to receive instructions from a remote computer. Once the first computer is configured, Conficker uses it to gain access to the rest of the network.

Conficker can spread by several means, copying itself to shared folders, for example, or exploiting the AutoRun utility for removable media. There are three variants of Conficker. Conficker C, the most recent version, exploits peer-to-peer networking capabilities to enhance its spread.

To protect your computer from Conficker, experts recommend that you:

  • Keep your system's patches up to date.
  • Maintain a good anti-virus product.
  • Disable AutoRun.
  • Use strong passwords.
  • Ensure that shared folders are secured.

 

Learn More About IT:
> Microsoft has more information about Conficker in its Malware Protection Center.
> Wikipedia maintains an entry about Conficker.
> Robert Westervelt reports on a flaw found in Conficker coding.
> Symantec offers  more information about Conficker and free removal tools.
> On CNET news, Elinor Mills writes that the 'Conficker time bomb ticks but don't expect boom.'

This was last updated in March 2009

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

Extensiones de Documento y Formatos de Documento

Accionado por:

SearchCompliance

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business...

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from ...

SearchSecurity

  • reverse brute-force attack

    A reverse brute-force attack is a type of brute-force attack in which an attacker uses a common password against multiple ...

  • orphan account

    An orphan account, also referred to as an orphaned account, is a user account that can provide access to corporate systems, ...

  • voice squatting (skill squatting)

    Voice squatting is an attack vector for voice user interfaces (VUIs) that exploits homonyms (words that sound the same but are ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity policy

    Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk ...

  • business continuity and disaster recovery (BCDR)

    Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for ...

  • warm site

    A warm site is a type of facility an organization uses to recover its technology infrastructure when its primary data center goes...

SearchStorage

  • RAM (Random Access Memory)

    RAM (Random Access Memory) is the hardware in a computing device where the operating system (OS), application programs and data ...

  • primary storage (main storage)

    Primary storage is the collective methods and technologies used to capture and retain digital information that is in active use ...

  • cache memory

    Cache memory, also called CPU memory, is high-speed static random access memory (SRAM) that a computer microprocessor can access ...

Close