downadup
Many PCs still not patched against Conficker vulnerability
Scott Lewis in our Columbus office has been doing some number crunching, and come up with some disturbing statistics after examining the data produced by Sophos's free endpoint assessment test. The Sophos Endpoint Assessment Test is a free tool that Read more…
New domains and processes blocked by Conficker update
Our analysis of the new Conficker variant that first appeared around a day ago is ongoing. We now know that as well as the executable component, an update to the Conficker DLL in the system32 folder is installed. Initial analysis Read more…
Conficker headline competition - we have a winner!
Thanks to everyone who entered the Conficker news headline competition I was running earlier this week. Here's just a few of the entries: Conficker: world's greatest April Fool's joke or 'digital Pearl Harbor'? Conficker: Doomsday or Rickroll? Brainy worm might Read more…
Conficker-C: A technical analysis
Niall Fitzgibbon and Mike Wood in SophosLabs have written a detailed technical paper analysing the latest version of the Conficker worm. It's an excellent piece of research, but not for the faint-hearted so be sure to be wearing your propeller Read more…
So, who did hype up Conficker?
Charles Arthur has written a curious piece on The Guardian website this morning: "Antivirus companies' worst fears realised as Conficker does... nothing". Charles argues that it was some parts of the anti-virus industry that started the panic, but unfortunately doesn't Read more…
What's the best Conficker news headline you've seen?
The hours are ticking down to April 1st - in fact, in some parts of the world it's already April Fool's Day. (Wave to our friends in eastern Australia and New Zealand!) But Conficker works at its own pace, and Read more…
Conficker's impact on Google Search
No, don't worry - I'm not saying that Conficker has some secret payload that interferes with Google. :) Instead I wanted to point out how a hystericane (also known as a hysteria hurricane, or a frenzy generated by a media Read more…
Video: Conficker and April 1st - what's all the fuss about?
Sean Richmond and Duck in our Sydney office recorded a podcast all about Conficker and April Fool's day. For a bit of fun we added some graphics and fairy dust and turned it into a movie. (Enjoy this video? You Read more…
Hype, April fool's day, and the Conficker worm
"Millions of computers around the world could go into meltdown on April 1 because of a deadly virus." Those are the words from a report in today's soaraway Sun, a British tabloid newspaper. With that kind of talk in a Read more…
Conficker: Why I can't tell you what it will do on April 1st
There's been a lot of media interest in the last few days regarding what the Conficker worm might do on April Fool's Day. Well, here's the bad news. I'm afraid it's not possible for us to analyse any potential payload Read more…
Microsoft offers $250,000 for the head of Conficker's author
Microsoft has announced that it is offering a $250,000 reward for information that leads to the capture and conviction of the authors of the Conficker worm (also known as Downadup or Confick). This development shouldn't surprise anyone. Microsoft's reputation is Read more…
System administrators point the finger at each other over Conficker virus outbreak
You're not a very forgiving bunch are you? :) At least, that's the message I'm getting from the poll we ran overnight. It looks like 30% of you feel that fellow system administrators should shoulder the blame for the recent Read more…
Quick poll: Conficker worm - who is to blame?
The Conficker worm is continuing to make the headlines and create headaches for some system administrators - indeed, it's one of the biggest virus outbreaks we've seen for some time. If you've got two seconds then why not just give Read more…
Passwords used by the Conficker worm
It's not possible to emphasise enough the importance of using sensible passwords on your network. Not just on the areas of your network that you don't want your users to traipse through, but also on the default network shares that Read more…
How to stop the Conficker worm on an unpatched PC
In the last week or so there has been a resurgence in the Conficker worm (called W32/Confick by Sophos's anti-virus products, and also known as Downadup) that we first saw in November. This is probably due to the malware authors Read more…
A Confick of interest
Earlier this week we witnessed the release of a new propagation technique that exploits a recent Microsoft vulnerability in the Windows Server Service. W32/Confick-A uses this security loop-hole to propagate its malicious DLL across user networks, generally making a real Read more…
Conficker worm exploits Microsoft MS08-067 vulnerability
Back in October I warned you about a critical security vulnerability found in some versions of Microsoft Windows. Known as MS08-067, Sophos published information about this serious vulnerability and warned of the potential for worms to be written which Read more…
















