back to article Conficker zombie botnet drops to 3.5 million

The "activation" of Windows machines infected with the latest variant of the Conficker worm has allowed security watchers to come up with a far more accurate estimate of how many machines are infected. Early versions of Conficker called home to 250 different domain names every day to check for updates. Since Wednesday, …

COMMENTS

This topic is closed for new posts.
  1. adnim

    Catching a cold

    My XP honeypot is still free of conficker, I have had to remove several other trojans or revert to an earlier snapshot because of system compromise but still no conficker.

    For those interested there is a wealth of information regarding Conficker here: http://www.honeynet.org on the honeynet blog.

    KYE whitepaper: http://www.honeynet.org/files/KYE-Conficker.pdf (Warning PDF)

    All good reading and helpful.

  2. Rob
    Stop

    potatard

    damnit John, you had to go spoiling a good little article by chucking in "mash-up" didn't you? -is there any potato involved? -no? then it's a fucking map isnt it?

  3. Anonymous Coward
    Dead Vulture

    @ potatard

    Damn right - I was reading a walkthrough and apparently I should 'mash' the joystick buttons.

    I'm not sure my spud utensil would work with a gamepad!

  4. Anonymous Coward
    Flame

    @Support for Conficker

    Stop with it the crummy and shameless plug

  5. Robbie
    Joke

    To the Authors of Conficker and open request...

    Can you guys get a move on with that update.. the interwebz media is running out of stories on Conficker...

  6. Anonymous Coward
    Thumb Down

    Support for Conficker

    Nice ad spam from Stuart there - another geek webshite's mods had the good sense to edit his comment before publication.

    And no, I don't work for [insert shameless plug here].

  7. Anonymous Coward
    Dead Vulture

    @Stuart

    Seriously, how the hell did you make that past moderation, or was there back handers involved?

  8. Steve Evans

    How about...

    How about this for a revolutionary idea...

    As this analysis is based on the IPs of the infected machines, how about emailing the ISPs who control these IPs and asking them to inform the user who had that IP allocated at the time of their infection, and pass them some useful links to help them remove the infection...

    The mechanism almost already exists on some ISPs to allow the RIAA to pump out the automated "You are an evil pirate, prepare to be cut off!" emails.

    This does assume the ISPs give a sh*t of course!

  9. Anonymous Coward
    Thumb Up

    @Robbie.

    "Can you guys get a move on with that update.. the interwebz media is running out of stories on Conficker..."

    I've jailbroken my Conficker worm so that I can add features myself. I hope the upgrade doesn't brick it.

  10. Neil
    Heart

    Conficker?

    I'll eat when I get hungry

    I'll drink when I get dry

    If the life I live don't kill me

    Then I guess I'll never die

    I'll tune up my fiddle

    I'll rosin up my bow

    And find a girl to hold me tight

    Anywhere I go

    Corn liquor corn liquor's what I cry

    If you don't give me corn liquor boy

    Somebody's gonna die

    Somebody's gonna die oh lord

    Somebody's gonna die

  11. Goat Jam
    Linux

    What the hell are those Confickers up to anyway?

    I wish they'd pull the pin already.

    I mean FFS, all the 'doze admins here need to be woken up every now and then and I've been patiently waiting for Conficker to be switched on. So far nothing but boring stories guestimating the size of the botnet.

    Yawn.

This topic is closed for new posts.

Other stories you might like