It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

New Conficker worm making 1million zombies a day

page: 1
2
<<   2 >>

log in

join
share:

posted on Jan, 21 2009 @ 05:48 AM
link   

New Conficker worm making 1million zombies a day


blogs.zdnet.com

“This malware mostly spreads within corporations but also was reported by several hundred home users. It opens a random port between port 1024 and 10000 and acts like a web server. It propagates to random computers on the network by exploiting MS08-067. Once the remote computer is exploited, that computer will download a copy of the worm via HTTP using the random port opened by the worm. The worm often uses a .JPG extension when copied over and then it is saved to the local system folder as a random named dll. It is also interesting to note that the worm patches the vulnerable API in memory so the machine will not be vulnerable anymore. It is not that the malware authors care so much about the computer as they want to make sure that other malware will not take it over too.”
(visit the link for the full news article)


Related News Links:
www.smh.com.au< br /> www.google.com
arstechnica.com




posted on Jan, 21 2009 @ 05:48 AM
link   
Hmmm another worm huh...how cool. Apparently its infecting 1 million PC's a day. I have heard cyber-criminals are experimenting with "new" technology. Or is it the Anti Virus companies trying to scare us into buying their security software?
Disturbing thing is that it can hide/attach as a jpeg file.


blogs.zdnet.com
(visit the link for the full news article)



posted on Jan, 21 2009 @ 05:52 AM
link   


It is also interesting to note that the worm patches the vulnerable API in memory so the machine will not be vulnerable anymore.


I found that to be pretty interesting, but scary nonetheless as well - being that sooner or later another version or some different version of a virus will come about and soon infect the machine. Overall I don't know what to think of it as of yet because of that snippet from the article..



posted on Jan, 21 2009 @ 05:56 AM
link   
Honestly, a firewall good one like Tiny Personal Firewall pro is one of the few things that can actually protect your system.

It has multiple levels of manageable security settings, alerts for when virtually anything is happening inside of your computer, and a trust program which allows you select any kind of program running in your computer, even the ones that slip past execution and embed themselves in the kernel, the ones that hide, the ones that have no 'task' in the Task Manager, it can even stop.

Heh.......Sorry, take the hackers advice, I know how the exploits works inside an out, take a trip to www.securiteam.com... .




posted on Jan, 21 2009 @ 05:56 AM
link   
Makes me wonder, if Microsoft ever got their act together and could fix Windows vulnerabilities, would they end up being sued by all the anti-virus software companies that would end up out of business? The fact that Microsoft has been unable to fix this makes me think these holes are intentional by design.



posted on Jan, 21 2009 @ 05:58 AM
link   
reply to post by Divinorumus
 



It is impossible to stop vulnerabilities. Unless you are strictly on a LAN and you know ever other computer around you.

There is a way in, always, and forever. Atleast in this format of crappy OSs we have running around today, Linux is the safest if you ask me



posted on Jan, 21 2009 @ 06:43 AM
link   

Originally posted by Revolution-2012
Honestly, a firewall good one like Tiny Personal Firewall pro is one of the few things that can actually protect your system.

It has multiple levels of manageable security settings, alerts for when virtually anything is happening inside of your computer, and a trust program which allows you select any kind of program running in your computer, even the ones that slip past execution and embed themselves in the kernel, the ones that hide, the ones that have no 'task' in the Task Manager, it can even stop.

Heh.......Sorry, take the hackers advice, I know how the exploits works inside an out, take a trip to www.securiteam.com... .



I heard about Tiny Personal Firewall, have tried it and was impressed. Checkpoint Zonealarm is decent too once configured correctly. Thanks for the link



posted on Jan, 21 2009 @ 06:45 AM
link   
reply to post by Revolution-2012
 


I'm gonna have to give that a try, seems a few people have had good reviews about that firewall and well I could really use a good one in this day and age.



posted on Jan, 21 2009 @ 06:58 AM
link   
Yes and they use it for spam.
They have been using it for some time now.
You cant block the spam, or report the spam.
Because its coming from random emails the worm has hijacked.
Many of them government and corporate domains.
I think the people who's products are spammed, should start being arrested and jailed.
Because its impossible to stop the spammers, but the greedy people who seek them out to spam there products should be dealt with.
The usual statement on how they have not authorized such spamming of there products should not be acceptable anymore.


sty

posted on Jan, 21 2009 @ 07:04 AM
link   
Think about it: Microsoft created an entire economy with their softwares! If all the bugs would suddenly be fixed we will see loads and loards of unemployed IT people. Bugs are essential for the economy. Otherwise we would switch to Linux long time ago...



posted on Jan, 21 2009 @ 10:47 AM
link   
reply to post by Divinorumus
 


That can't be done. Blaming Microsoft is like blaming Ford because someone ran into your car.

And Microsoft did fix it, but people are not downloading the fix.



posted on Jan, 21 2009 @ 10:54 AM
link   

Originally posted by Revolution-2012
reply to post by Divinorumus
 



It is impossible to stop vulnerabilities. Unless you are strictly on a LAN and you know ever other computer around you.

There is a way in, always, and forever. Atleast in this format of crappy OSs we have running around today, Linux is the safest if you ask me



your right, even with my limited work with machine code a long time ago, the old adage still applies...if it is written, it can be broken. however a 512 or 1028 ecryption code will discourage most who do not have the time or the massive hardware requirements to break in.



posted on Jan, 21 2009 @ 11:02 AM
link   
Got the bug on one of my home computers don't know how. Cannot connect with MS and anytime I try to go to something via goggle I never know where I'm going to end up. I have that computer off the network for now and will work on it some more tonight. Yes I was firewalled and have everything I was supposed to but it got thru from somewhere. It may have been thru looking to download IE8 from an non MS site. It redirects to lots of sites but alas no porn so it's really dull surfing in the dark.

mikell



posted on Jan, 21 2009 @ 06:33 PM
link   
reply to post by mikellmikell
 


Mikell: Get the Microsoft Windows Malicious software removal tool and copy it onto the other infected machine, it should pick it up and remove it HOPEFULLY. You may need to reboot in Safemode first.

www.microsoft.com...

hope this helps.



posted on Jan, 21 2009 @ 06:42 PM
link   
Makes me think I should probably format my laptop HDD soon, i'll never pay for an anti virus program, there are enough free programs out there to do the job, i have 3 anti spyware progs running, 2 silent ones and 1 active one.

Also have an Avira antivirus running.

Still, visiting dodgy porn sites always causes problems


[edit on 21-1-2009 by Gears Of War]



posted on Jan, 21 2009 @ 06:48 PM
link   
Couldn't get to any MS sites it would re direct me into who knows whewe. Finally e mailed myself the links and that seemed to work as a go around. Scanned 3 times and am still picking things up. Updates from all virus protection and MS are automatic so I'm not really sure where it came from. Portable drive may have it but not going to plug it in till I get my main machine clean. Changed my update time to the morning while I'm at work. I usually shut the modem off at night and while at work but will tru something different. 7 AM updates from now on

mikell



posted on Jan, 21 2009 @ 06:53 PM
link   

Originally posted by MASH_DADDY

Originally posted by Revolution-2012
Honestly, a firewall good one like Tiny Personal Firewall pro is one of the few things that can actually protect your system.

It has multiple levels of manageable security settings, alerts for when virtually anything is happening inside of your computer, and a trust program which allows you select any kind of program running in your computer, even the ones that slip past execution and embed themselves in the kernel, the ones that hide, the ones that have no 'task' in the Task Manager, it can even stop.

Heh.......Sorry, take the hackers advice, I know how the exploits works inside an out, take a trip to www.securiteam.com... .



I heard about Tiny Personal Firewall, have tried it and was impressed. Checkpoint Zonealarm is decent too once configured correctly. Thanks for the link


I use Comodo Firewall, and have never had any problems.



posted on Jan, 21 2009 @ 06:57 PM
link   

Originally posted by MASH_DADDY
Disturbing thing is that it can hide/attach as a jpeg file.


Steganography has been used for a long time, I do not find that surprising at all.



posted on Jan, 21 2009 @ 07:02 PM
link   
The perfect way to cure any infection of a worm is to reformat your hard drive and reinstall windows. If you have your data backed up on another drive, this process does not set you back much, only about an hour and a half or so. Also if you turn off your router when you are not using it it will prevent data from broadcasting when you are not using it.



posted on Jan, 21 2009 @ 08:31 PM
link   
There is a history of 'benevolent' viruses, i.e., viruses that were meant to repair a security vulnerability or destroy another virus.

Since I didn't see any specific information about the worms payload, I wouldn't be quick to jump to conclusions.

Probably another spam bot net, but it would be pretty easy to see a benevolent virus on such a huge scale, and could set a new precedent in the world of network security. New questions would have to be asked when judging the crimes of a virus' author.




top topics



 
2
<<   2 >>

log in

join