Threat Level: green Handler on Duty: Manuel Humberto Santander Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Conficker Continues to Impact Networks

Published: 2009-09-25
Last Updated: 2009-09-25 21:39:11 UTC
by Deborah Hale (Version: 1)
2 comment(s)

 

It appears that Conficker is still alive and well. 

www.abc.net.au/news/stories/2009/09/23/2694401.htm

I heard about a local company today who on Monday of this week started having some pretty strange goings on in their network and called in their consultants to try to figure out what was happening.  It turns out after much time spent trying to determine what was going, it was "just another Conficker Outbreak".   (Still working on it as a matter of fact). They do have anti virus however the infection went undetected for quite some time.  Why?  Because Conficker did what Conficker does and it over rode the security software and antivirus software to allow them to do their dastardly deeds while remaining undetected.  This company has close to 100 computers and more than 50% of them have been infected, some for a while it seems.  Conficker has continued to grow its little Botnet and the BotHerder is still spreading their damage.  If you look at the "pictorial" representation of the spread in the US alone from January to July it is pretty amazing.  

www.f-secure.com/weblog/archives/00001646.html

We also received an email today from a reader whose company was experiencing Conficker activity.  So perhaps there is a new wave of the bad guy coming.  So just a reminder - quick check -

www.confickerworkinggroup.org/infection_test/cfeyechart.html

If this Eye Chart doesn't display the logo's for 6 of the top security sites in the world, you may be infected and will be the next to fall to the plight of the Conficker Worm.

 

Deb Hale Long Lines, LLC

2 comment(s)
Diary Archives