The effective size of the Conficker botnet might be far smaller than previously thought. Last week machines infected with the latest variant of Conficker began to download additional components - files associated with the rogue anti-malware application SpywareProtect2009 and a notorious botnet client, Waledac - via the worm's …
got to admit...
keeping multiple versions of the code extant is quite a clever ploy, if indeed it is intentional. If I were one of those psychological profilers you see a lot of these days in crime dramas, I'd be saying this pointed to a single developer who's intimately familiar with all aspects of the conficker code in all its iterations. They're probably more interested in and gain more satisfaction from the technical complexity of the code and adulation from their perceived peer group than with any payload the software can deliver... a bona-fide hacker type. Expect to see some trickery based around unforeseen interactions between different iterations of the code, or hidden code which will have a very low (but non-zero) probability of activation, which can only be predicted by a thorough understanding of *all* the code in *all* its versions.
So it's not so bad then ?
The end of the world is postponed yet again, I take it. What else is new ?
200,652 unique IP Addresses
So how many of those were company IP addresses where its simply the gateway to a much larger private network hiding behind one IP. I've got about 6 PCs at home but they only ever show up as 1 IP because its all using NAT behind my ADSL router.
So 200,652 is the utter minimum. The company I used to work for had about 80 PCs which if they all got infected would only ever show up as 1 IP address.
- Review Samsung Galaxy Note 8: Proof the pen is mightier?
- Nuke plants to rely on PDP-11 code UNTIL 2050!
- Spin doctors brazenly fiddle with tiny bits in front of the neighbours
- Game Theory Out with a bang: The Last of Us lets PS3 exit with head held high
- That Microsoft-Nokia merger you've been predicting? It's no go