acm-header
Sign In

Communications of the ACM

ACM TechNews

Remember Conficker? It's Still Around


View as: Print Mobile App Share:
Cleaning up botnets takes years to complete.

After seven years, there are still about 1 million computers around the world infected with Conficker malware.

Credit: Gerd Altmann/Pixabay

Malware called Conficker began widely infecting computers in 2008, but about 1 million computers worldwide are still infected despite years of cleanup efforts, according to a paper by researchers at the Delft University of Technology.

The researchers found Conficker's worm capabilities make it surprisingly resilient even though Microsoft patched a vulnerability in Windows XP, and it continued to infect computers even when researchers took over the botnet's command-and-control system.

Special efforts by individual countries to control Conficker, such as in Finland, helped to limit its spread, notes Delft professor Hadi Asghari. He says it is likely many computers are probably running Windows XP without automatic updates installed, so they are rarely updated or have abandoned embedded systems.

Up to 10 percent of computers infected with the Gameover Zeus botnet, a more recent malware, also were infected with Conficker, indicating that poorly secured computers can be continually harmed. Even if such vulnerable computers comprise a small percentage of the Internet, it still "turns into millions of computers," Asghari says.

The paper was co-authored by Delft researchers Michael Ciere and Michel J.G. van Eeten, and will be presented this month at the 24th USENIX Security Symposium in Washington, D.C.

From Computerworld
View Full Article

 

Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account