The "activation" of Windows machines infected with the latest variant of the Conficker worm has allowed security watchers to come up with a far more accurate estimate of how many machines are infected. Early versions of Conficker called home to 250 different domain names every day to check for updates. Since Wednesday, machines …
Catching a cold
My XP honeypot is still free of Conficker. I have had to remove several other trojans or revert to an earlier snapshot because of system compromise, but still no Conficker.
For those interested there is a wealth of information regarding Conficker here: http://www.honeynet.org on the honeynet blog.
KYE whitepaper: http://www.honeynet.org/files/KYE-Conficker.pdf (Warning: PDF)
All good reading and helpful.
damnit John, you had to go spoiling a good little article by chucking in "mash-up" didn't you? -is there any potato involved? -no? then it's a fucking map isn't it?
Damn right - I was reading a walkthrough and apparently I should 'mash' the joystick buttons.
I'm not sure my spud utensil would work with a gamepad!
@Support for Conficker
Stop it with the crummy and shameless plug
To the Authors of Conficker an open request...
Can you guys get a move on with that update.. the interwebz media is running out of stories on Conficker...
Support for Conficker
Nice ad spam from Stuart there - another geek webshite's mods had the good sense to edit his comment before publication.
And no, I don't work for [insert shameless plug here].
Seriously, how the hell did you make that past moderation, or were there backhanders involved?
How about this for a revolutionary idea...
As this analysis is based on the IPs of the infected machines, how about emailing the ISPs who control these IPs and asking them to inform the user who had that IP allocated at the time of their infection, and pass them some useful links to help them remove the infection...
The mechanism almost already exists on some ISPs to allow the RIAA to pump out the automated "You are an evil pirate, prepare to be cut off!" emails.
This does assume the ISPs give a sh*t of course!
"Can you guys get a move on with that update.. the interwebz media is running out of stories on Conficker..."
I've jailbroken my Conficker worm so that I can add features myself. I hope the upgrade doesn't brick it.
I'll eat when I get hungry
I'll drink when I get dry
If the life I live don't kill me
Then I guess I'll never die
I'll tune up my fiddle
I'll rosin up my bow
And find a girl to hold me tight
Anywhere I go
Corn liquor corn liquor's what I cry
If you don't give me corn liquor boy
Somebody's gonna die
Somebody's gonna die oh lord
Somebody's gonna die
What the hell are those Confickers up to anyway?
I wish they'd pull the pin already.
I mean FFS, all the 'doze admins here need to be woken up every now and then and I've been patiently waiting for Conficker to be switched on. So far nothing but boring stories guesstimating the size of the botnet.