Slashdot Mirror


Conficker Downloads Payload

nk497 writes "Conficker seems to finally be doing something, a week after hype around the worm peaked on April Fool's Day. It has now downloaded components from the Waledac botnet, which could contain rootkit capabilities. Trend Micro security expert Rik Ferguson said: 'These components have so far been missing, but could this finally be the "other boot dropping" that we have all been waiting for?' Ferguson also suggested that people behind Conficker could be the very same who are running Waledac and created the Storm botnet. 'It tallies with some of the assumptions people have made about Conficker — that the first variant was actively trying to avoid the Ukraine because Waledac was Eastern European,' Ferguson added."

11 of 273 comments

  1. Re:Finally? by Anonymous Coward · · Score: 3, Insightful

    No. It is the only news.

  2. april fools? by pickle_in_being · · Score: 5, Insightful

    I think it would have been more logical for Conficker to download its payload on the 1st of April itself, so that people would take the threat less seriously.

    1. Re:april fools? by AliasMarlowe · · Score: 5, Insightful

      Half the world writes it 4/1 the other half 1/4

      Half? About one twentieth of the world (by population) writes it month/day or month/day/year, in the so-called "middle-endian" form. The other nineteen twentieths mostly write it day/month or day/month/year, in the so-called "little-endian" form. The ISO 8601 standard is the "big-endian form" year-month-day which is used in a few countries.
      http://en.wikipedia.org/wiki/Date_format#Date_format

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  3. Potato Blight for computers by MosesJones · · Score: 5, Insightful

    One of the major causes of the Potato famine in Ireland was the reliance on a single product (the potato) and an inability to shift to a more varied diet. Things like ILoveYou and Conficker are preying on exactly the same homogeneous environment as they know that hitting one element yields massive results.

    Now given that this homogeneity has been driven in part via a convicted monopolist then it really is interesting how little political attention this gets. Arguably these sorts of attacks are more of a modern challenge than "traditional" terrorism and against a background of economic woe we can all do without a bunch of companies getting taken offline for a few days or suffering from industrial espionage.

    We don't learn from history, we don't apply history to new cases we just stand back in amazement after letting homogeneity develop at the impact that a relatively simple flaw can have across a large group of people.
     

    --
    An Eye for an Eye will make the whole world blind - Gandhi
    1. Re:Potato Blight for computers by Ed+Avis · · Score: 4, Insightful

      Yeah, because obviously the answer is to have a hundred different systems with a hundred different sets of vulnerabilities. That will be much easier to keep patched.

      --
      -- Ed Avis ed@membled.com
    2. Re:Potato Blight for computers by entirely_fluffy · · Score: 5, Insightful

      > Yeah, because obviously the answer is to have a hundred different systems with a hundred different sets of vulnerabilities. That will be much easier to keep patched.

      Well, actually, this really is the answer - you never get rid of vulnerabilities but you can put enough variation in them that specialised viruses become less effective.

    3. Re:Potato Blight for computers by Anpheus · · Score: 4, Insightful

      Or, since the barrier to entry is so low as far as blackhats are concerned, ALL systems end up being more insecure and virus-ridden and no one benefits.

      Or virus-writers will pick, instead of the top 1, the top 5, or the top 50% of systems, and target those. Unless it were a truly heterogeneous network, with every single person having their own hand-crafted OS and application set, there will be viruses because people, dammit, want to see the dancing bunnies.

      Reference: http://www.codinghorror.com/blog/archives/000347.html

  4. Re:april fools by Rik+Sweeney · · Score: 5, Insightful

    I think the Conficker was going for the clichéd horror film approach. Granted, it should have really done it on April 2nd but doing it this way has probably blindsided more people.

  5. Patch? by SmallFurryCreature · · Score: 5, Insightful
    Why would you need to patch if nobody has a clue about how to attack your system?

    Well, actually you got a point but you come at it from the wrong angle.

    The problem is that thanks to the net, EVERY COMPUTER IS THE SAME. Internet capable...

    Effectively, this is to sexually transmitted viruses as all of us screwing everyone else at the same time. The internet is a gangbang of computers.

    What this leads to is that no matter how obscure your OS and the bugs on it, someone somewhere will know about it and, thanks to the sheer size of the net, have thousands if not hundreds of thousands of targets.

    There may not be many Amigas left but if they were all infected, it would still be a nice botnet.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  6. Re:Ahhhhhh... by parkrrrr · · Score: 5, Insightful

    The parts of the Windows mainland who install security patches are also amused. I'm sure we'll all be amused right up until the Internet we all share with the infected losers goes all wonky.

  7. Re:Holiday Weekend. by syrinx · · Score: 4, Insightful

    The irony is that a song called "Ironic" is not ironic.

    But wait, that would mean the song is ironic after all. Which of course means that it isn't.

    --
    Quidquid latine dictum sit, altum sonatur.