Conficker now active; domain routine has already started

djbaxter

Guest
Conficker's domain routine has already started
by Patrik, F-Secure.com
Tuesday, March 31, 2009

Mikko posted earlier about how the domain generation algorithm in Conficker (aka Downadup) works. Just to make it clear to everyone - this has now started.

Infected computers use the local time as the trigger for when to start generating the list of 50,000 domains, so in places where the local time is already April 1st, these computers are now actively polling for domains.

And, until the GMT date is April 1st, they are in fact polling for domains for 31st March. So far there haven't been any updates available on those sites.

In summary: Conficker has activated. So far nothing has actually happened.

...more
 
Conficker - What's going on?

by Patrik, F-Secure
Wednesday, April 1, 2009

So it's been April 1st for almost 18 hours now in New Zealand and it's the early hours of April 1st on the east coast of the United States. So what's going on? So far - nothing. Infected computers are generating the list of 50,000 domains and are attempting to contact 500 of those like we've described earlier, but so far no update has been made available (by the bad guys).

And we don't really expect one, at least not right now.

The Conficker worm is still creating headlines though as can be seen from the front page of cnn.com.
 
Post April 1st Conficker Q&A
by Patrik
Thursday, April 2, 2009

Joe Stewart has created a very simple test that's available at the Conficker Working Group's site. Click here to try it out. If it says you're infected, you can find a bunch of removal tools on the same site, including F-Secure's.

Conficker.C was programmed to start generating a list of websites on April 1st in an attempt to download updates to itself.

Q: And did it?
A: Yes it did. That part of the worm worked just as intended.

Q: So what happens now, can we forget about Conficker and worry about other things?
A: No, not really. April 1st was just the activation date. Infected computers will continue to reach out to 500 websites daily in an attempt to update themselves. And let's not forget the P2P technology, it can update itself using that as well.

...more
 