How did Conficker work?

How did Conficker work?

Conficker is a computer worm developed by malware authors to infect Windows computers with the vulnerability (MS08-067) and spread the infection to other such vulnerable Windows computers connected to the network without any human intervention. It is also called Downadup.

How does Conficker worm spread?

How Does the Conficker Worm Spread? The worm may spread by taking advantage of a vulnerability in the Microsoft Server service that allows remote code execution. Computers and servers without the security patch MS08-067 are susceptible to attacks.

Who was one of the prime targets of Conficker?

What is conficker? Conficker is a fast-spreading worm that targets a vulnerability (MS08-067) in Windows operating systems. Also known as Downadup, Conficker was discovered in November 2008.

Who created the Conficker virus?

History and Spread The Conficker worm got its start in November 2008, when it was discovered by Microsoft Malware Protection Center infecting computers via two mechanisms, NetBIOS(network shares, or across a corporate network with shared resources)and later USB thumb drives.

What did the Conficker virus do?

Once Conficker infects a computer, it disables many security features and automatic backup settings, deletes restore points and opens connections to receive instructions from a remote computer. Once the first computer is configured, Conficker uses it to gain access to the rest of the network.

What does the Sasser virus do?

The Sasser worm attacks recent versions of Microsoft Windows, such as Windows 2000, Windows Server 2003 and Windows XP, and causes computers to slow down, crash and reboot frequently. Sasser does not cause any permanent damage to files or machines, experts say.

Is Conficker still a threat?

Still, in the past few years Conficker detections have held steadily at well over 20,000 per month, indicating it is still highly active. No other malware has displayed this sort of longevity at this scale, says Jon Clay, director of global threat communications for Trend Micro.

How do I get rid of Conficker?

Manual steps to remove the Win32/Conficker virus

  1. Depending on your system, do the following: In Windows Vista and Windows Server 2008, click Start, type services. msc in the Start Search box, and then click services.
  2. Double-click Server.
  3. Click Stop.
  4. Select Disabled in the Startup type box.
  5. Click Apply.

How was Sasser stopped?

Sasser spreads by exploiting the system through a vulnerable port. Thus it is particularly virulent in that it can spread without user intervention, but it is also easily stopped by a properly configured firewall or by downloading system updates from Windows Update.