THE threat posed by network worm Conficker is not over - instead it's a question of "what's next''.
About 11 million computers worldwide have been infected by the tenacious and mysterious worm, but the expected trigger date, April one, passed without harm.
"Most of the security communities - those who aren't caught up in the hype - are maintaining a watch on Conficker to see where it goes next.''
Concerns surround the advanced capabilities of the worm, which incorporates lessons learned from pioneering peer-to-peer worms .
"Normally with botnets, we try to find the command and control centre, because if you chop off its head the botnet dies,'' Mr Iram said. "With P2P worms, each of the peers is potentially the command and control centre and they simply pass the function among themselves.
"Their communications are encrypted - and these are good encryptions, not something that just anyone can break into - so we don't know what the infected machines are instructed to do.
"And because the drones don't need to phone home to a central controller, it becomes very difficult to find the injection point into the network, and it's very much harder to stop.''
When the Storm worm was released, it "was incredibly advanced over anything we'd seen'' at the time, Mr Ingyram said.
"They had a lot of machines that were well controlled and security people had a limited capability to disrupt or mitigate it.''
In the end, the Storm botnet was broken down and borrowed out to spammers, "which is annoying but not earth-shattering'', he said.
"But much of that experience has gone into Conficker, and even if they don't get it right this time, it's another step on the road towards better malware, and that's very concerning.''
Related Search
Computer Virus Removal
Remote Virus Scan and Removal
How To Catch A Computer Virus
About 11 million computers worldwide have been infected by the tenacious and mysterious worm, but the expected trigger date, April one, passed without harm.
"Most of the security communities - those who aren't caught up in the hype - are maintaining a watch on Conficker to see where it goes next.''
Concerns surround the advanced capabilities of the worm, which incorporates lessons learned from pioneering peer-to-peer worms .
"Normally with botnets, we try to find the command and control centre, because if you chop off its head the botnet dies,'' Mr Iram said. "With P2P worms, each of the peers is potentially the command and control centre and they simply pass the function among themselves.
"Their communications are encrypted - and these are good encryptions, not something that just anyone can break into - so we don't know what the infected machines are instructed to do.
"And because the drones don't need to phone home to a central controller, it becomes very difficult to find the injection point into the network, and it's very much harder to stop.''
When the Storm worm was released, it "was incredibly advanced over anything we'd seen'' at the time, Mr Ingyram said.
"They had a lot of machines that were well controlled and security people had a limited capability to disrupt or mitigate it.''
In the end, the Storm botnet was broken down and borrowed out to spammers, "which is annoying but not earth-shattering'', he said.
"But much of that experience has gone into Conficker, and even if they don't get it right this time, it's another step on the road towards better malware, and that's very concerning.''
Related Search
Computer Virus Removal
Remote Virus Scan and Removal
How To Catch A Computer Virus
also, most people dont even know what a spyware is some who knows dont even care to check if their Computer is infected.
ReplyDeletei've came across this blog which also talks about antispyware software on http://antispywaresearch.blogspot.com and its very interesting.