
Wednesday, June 17, 2009

Eye Chart Test for Conficker

At first glance this one looks a little odd: the Conficker Eye Chart tests whether your computer is infected with Conficker. It does this by checking whether your browser can reach common anti-virus and security websites, which are often blocked on machines affected by Conficker.

Conficker (also known as Downadup, Kido) blocks access to over 100 anti-virus and security websites. If you are blocked from loading the remote images in the first row of the table (popular anti-virus and security web sites) but not blocked from loading the remote images in the second row (alternative operating systems), it is an indication that your computer may be affected by Conficker or some other malware.

The Conficker Eye Chart can be accessed here.
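The two-row check described above can be sketched in browser JavaScript. This is an added example, not the Eye Chart's own code: the hostnames are placeholders, and the function names and the extra "inconclusive" and "partial-block" outcomes are assumptions that go beyond the single pattern the post describes.

```javascript
// Added example. Placeholder hosts, not the sites the real Eye Chart uses.
const PROBES = [
  { group: "security", url: "https://av-vendor-1.example/logo.png" },
  { group: "security", url: "https://av-vendor-2.example/logo.png" },
  { group: "security", url: "https://security-blog.example/logo.png" },
  { group: "control",  url: "https://alt-os-1.example/logo.png" },
  { group: "control",  url: "https://alt-os-2.example/logo.png" },
];

// Browser-only: resolves true if the remote image loads, false on error or timeout.
function probeImage(url, timeoutMs = 5000) {
  return new Promise((resolve) => {
    const img = new Image();
    const timer = setTimeout(() => resolve(false), timeoutMs);
    img.onload = () => { clearTimeout(timer); resolve(true); };
    img.onerror = () => { clearTimeout(timer); resolve(false); };
    img.src = url + "?t=" + Date.now(); // cache-buster so a cached copy cannot mask a block
  });
}

// Pure decision logic over [{ group, loaded }] results, one entry per probe.
function classifyEyeChart(results) {
  const count = (g, ok) =>
    results.filter((r) => r.group === g && r.loaded === ok).length;
  const secOk = count("security", true), secBad = count("security", false);
  const ctlOk = count("control", true), ctlBad = count("control", false);
  // A row with no probes, or a control row that failed entirely, proves nothing:
  // the cause may be no connectivity, images disabled, or a filtering proxy.
  if (secOk + secBad === 0 || ctlOk === 0) return "inconclusive";
  if (secBad === 0) return "no-blocking-detected";
  // The pattern from the post: security row blocked, control row loads.
  if (secOk === 0 && ctlBad === 0) return "possible-infection";
  return "partial-block"; // mixed result: other filtering, or other malware
}

// Runs every probe in parallel and classifies the outcome (browser only).
async function runEyeChart() {
  const results = await Promise.all(
    PROBES.map(async (p) => ({ group: p.group, loaded: await probeImage(p.url) })));
  return classifyEyeChart(results);
}
```

The control row is what makes the result meaningful: without it, a machine with no network access at all would look the same as one where only security sites are blocked.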

Friday, April 10, 2009

Conficker - the dog that hasn't barked ... yet!

To quote from Arthur Conan Doyle ...

Gregory: "Is there any other point to which you would wish to draw my attention?"
Holmes: "To the curious incident of the dog in the night-time."
Gregory: "The dog did nothing in the night-time."
Holmes: "That was the curious incident."

There was much speculation in the media about what the Conficker botnet would do on the 1st of April and, as with previous virus scares (Michelangelo, CIH, SoBig etc.), it turned out to be more about hype than reality. The Conficker botnet remains dormant … so far.

The main activity in the run-up to the supposed activation date of the first of April was a huge increase in the number of rogue security tools masquerading as Conficker clean-up packages. The botnet itself has yet to do anything, but the act of spreading has already caused problems and claimed a number of high-profile victims, including the UK Ministry of Defence.

Conficker started spreading in November 2008 and, like many such worms, it uses a variety of techniques to spread including exploiting Windows vulnerabilities and spreading across network shares. Conficker can also spread using removable media such as USB memory sticks.

Earlier versions include a type of peer-to-peer functionality. This means that computers infected by these versions of Conficker can communicate amongst themselves without needing to “call home” to a central server or servers.

Some versions call home to 250 different domains on a daily basis to check for updates. On Wednesday 1st April the latest version of Conficker began calling home to a sample of 500 out of 50,000 domains on a daily basis.

While Conficker hasn’t done anything yet, it is a very real possibility that it could in the near future. So should you be panicking? No, as long as you keep your anti-virus package up to date, as most up-to-date anti-virus programs will have no trouble detecting Conficker.

A good FAQ can be found on the F-Secure website http://www.f-secure.com/weblog/archives/00001636.html.