Conficker

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

MicrosoftInternetExplorer4

st1:*{behavior:url(#ieooui) }

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:”Times New Roman”;
mso-bidi-theme-font:minor-bidi;}

EPISODE
ONE

By far, Conficker (a.k.a. Downadup or Kido) was not the
cleverest e-threat ever, nor the most dangerous. It is though one of the most
intriguing well-written pieces of malware, with a great damaging potential and
an intricately smart manner of update.

Since its egression in late October 2008, rumors and
scientific data mingled into a cornucopia of facts, while mass-media enjoyed
feeding their readers with terrifying figures and apocalyptic scenarios tattling
the death of the Internet as we know it on April Fool’s Day.

What damage did Conficker do?

The truth is that the worm by itself does not produce any
damage. As far as we know it, none of the five existing variants corrupt files
or steal data. Yet…

Conficker does more frightening things instead. These show
that the malware creators behind engineered it with a lot of craft and
succeeded in producing an illustrious heir for its precursors, namely Welchia,
Blaster, Sobig, Sasser and Storm.

First and foremost, Conficker’s purpose is to spread and
compromise as many machines as possible. It achieved this goal using a vulnerability
in Microsoft