Communications of the ACM
Remember Conficker? It's Still Around
After seven years, there are still about 1 million computers around the world infected with Conficker malware.
Credit: Gerd Altmann/Pixabay
Malware called Conficker began widely infecting computers in 2008, but about 1 million computers worldwide are still infected despite years of cleanup efforts, according to a paper by researchers at the Delft University of Technology.
The researchers found Conficker's worm capabilities make it surprisingly resilient even though Microsoft patched a vulnerability in Windows XP, and it continued to infect computers even when researchers took over the botnet's command-and-control system.
Special efforts by individual countries to control Conficker, such as in Finland, helped to limit its spread, notes Delft professor Hadi Asghari. He says it is likely many computers are probably running Windows XP without automatic updates installed, so they are rarely updated or have abandoned embedded systems.
Up to 10 percent of computers infected with the Gameover Zeus botnet, a more recent malware, also were infected with Conficker, indicating that poorly secured computers can be continually harmed. Even if such vulnerable computers comprise a small percentage of the Internet, it still "turns into millions of computers," Asghari says.
The paper was co-authored by Delft researchers Michael Ciere and Michel J.G. van Eeten, and will be presented this month at the 24th USENIX Security Symposium in Washington, D.C.
From Computerworld
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found