Conficker: how to avoid infection and what to do if you are infected

Filed Under: Malware, Vulnerability

Ahhh Conficker. A nasty family of malware that plagued computers the world over way back in November 2008.

Yes - that's almost three years ago.

And it is still knocking about rather prolifically. Conficker remains the most commonly encountered malware family for home users and businesses alike.

Conficker can propagate in many ways, which can make it very difficult to remove from a network. A single infected computer is able to reinfect an entire network via file shares.

Microsoft's patch, issued way back in 2008, is designed to stop the infection from coming into the network via the internet, but if it manages to reach your network via another route (eg an infected USB stick), then it will still be able to spread.

Top five anti Conficker tips

1. If you fear you have an infection, you can download Sophos's free Conficker Removal tool, which detects, isolates, and removes Conficker from your computer or network. As an added plus, this tool is completely ungated for our Naked Security readers.

2. Make sure that all your computers running Windows are up to date with patches by visiting Microsoft Update.

3. Ensure your anti-virus software is up to date. If users have administrator rights, they might have uninstalled their anti-virus, or stopped it from updating. Even if you have anti-virus installed, you can still run this Free Security Scan from Sophos, if only to double check you have no hidden infections lurking on your computer or network.

4. Companies can set up a group policy to lock out accounts that attempt too many unsuccessful login attempts. The Conficker family also tries to batter its way into ADMIN$ shares by trying a long list of popular passwords, such as "nopassword", "123asd", "monitor" and, of course "secret". Here is a full list of the passwords Conficker tries to crack. Make sure your password is not on the list.

You can also watch and share this password security video, where we give practical advice on how to choose a strong password.



(Enjoy this video? Why not check out the SophosLabs YouTube channel?)

5. Educate your users about safe computing practices. You can check and share our Naked Security's Top 10 Security Tips.

It is not just about ridding ourselves of Conficker, we all need to take the appropriate steps to ensure we avoid getting infected in the first place.

, , , , , , , ,

You might like

3 Responses to Conficker: how to avoid infection and what to do if you are infected

  1. paul · 1119 days ago

    should have had a warning about bad language in the password list - "manager" is real swearword around here

  2. Tony H · 1119 days ago

    November 2008 "almost four years ago"?? Does Conficker stretch time, too?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Hi. I am a social, brand and communications expert with 10 years in senior roles in the tech space. I'm currently Sophos' s Global Director of Social Media and Communities. Proudest work achievement? Creating and launching award-winning Naked Security. Outside work, I am a mean cook, an avid reader, a chronic insomniac, a podcast obsessive and blogger .