What to expect next?
Ultimately, Conficker acts like any botnet. Botnet is
a coined term derived from robot network. A botnet can be understood
as a collection of malicious software robots (abbreviated bots),
whose purpose is to run different kinds of computer applications controlled by
the owner or the disseminator of the software robot source, on a group of
compromised computers, usually connected to the Internet.
From this point of view we can only expect worse, as
Corruption of Defensive System
The most dangerous aspect related to Conficker infection is
that it completely neutralizes defensive systems. In other words, any infected
machine holds a huge security breach that can be exploited anytime from now on.
It is like having a house with a door wide open all the time, even when you
sleep, go to work or are on vacation.
Distributed Denial of Service
A botnet can be used as a tool to completely paralyze other
computers over the Internet through what is known as Distributed Denial of
Service (DDoS). The botnet attacks a network or a computer system to
disrupt service via the loss of connectivity or consumption of the victim
network’s bandwidth and to overload the resources of the victim’s computer
system. This can prevent access to a particular Web site for a long period
of time, which, for Web-operating companies and others, might lead to
Pay-per-Click Systems Abuses and Frauds
Botnets can be used to engage in click abuse and fraud.
The bot is used to visit a specific Web page and/or automatically “click” on
the advertisement banners. The purpose is to obtain financial gain by
automating visits to and/or clicks on a pay-per-view or pay-per-click system
(in effect cheating the online advertising companies that pay a sum of money for
each visit or click on that page, like Google AdSense).
Key Logging, Traffic Monitoring and Mass Identity Theft
Many bots watch the keyboard activity and report the
keystroke stream to their owner. Some bots have features to look for visits to
particular Web sites where passwords or bank account information is entered.
With a filter program, the bot owner can extract only the keyboard sequence
typed before or after words like “PayPal” or “Credit Card”. This allows
cybercriminals to gain access to personal information and accounts belonging to
thousands of people.
The drones from a botnet can be used to harvest e-mail
addresses and/or send/forward a huge amount of messages to other computers. For
instance, this was the case with a mass-mailing spam campaign at the end of 2007,
promoting Ron Paul's candidacy in the 2008 US presidential election.
How can we protect ourselves?
The following five simple rules should be enough to keep you
away from any upcoming disaster:
- Check with your operating system provider on a regular
basis – download and install the latest security updates, malware removal
tools, as well as other patches or fixes.
- Install and activate a reliable password-protected
antimalware, firewall, spam filter and parental control solution, like those
provided by BitDefender.
- Update your antimalware, firewall and spam filter as
frequently as possible, with the latest virus definitions and suspicious
- Scan your system frequently.
- Stay informed about e-threats and security.
If your system has been infected, there is still hope. Check
http://www.bdtools.net/, download the
Downadup Removal Tool, follow the instructions and clean your system. Ideally,
once you have eliminated Downadup from your machine, you should patch your OS with
the latest updates, then install and activate an antimalware suite.