RSS Alerts

Share

More services

Related Stories

  • Conficker concern continues
    Conficker continued to garner attention from security vendors this month as it spread across the internet.
  • Securing Your Home Office
    Here’s an interesting question for all you information security professionals out there: how secure is your home IT? No, seriously. There’s no doubting that you have a handle on keeping data secure across the enterprise alright, but how clued up are you away from the office where things are actually rather different in terms of both risk and response? Davey Winder investigates
  • Securing your home office
    Here’s an interesting question for all you information security professionals out there: how secure is your home IT? No, seriously. There’s no doubting that you have a handle on keeping data secure across the enterprise alright, but how clued up are you away from the office where things are actually rather different in terms of both risk and response? Davey Winder investigates
  • Look Back and Move Forward
    The beginning of a new year is often a time for predictions or, sometimes, reassertions. Drew Amorosi revisits past prognostications from Infosecurity’s editorial board to assess its foretelling prowess, examine the year that was 2010, and gather some new projections for 2011 and beyond
  • Look Back and Move Forward
    The beginning of a new year is often a time for predictions or, sometimes, reassertions. Drew Amorosi revisits past prognostications from Infosecurity’s editorial board to assess its foretelling prowess, examine the year that was 2010, and gather some new projections for 2011 and beyond

Top 5 Stories

News

Microsoft Conficker

18 February 2009

Microsoft's Conficker Cabal has been steadily registering domain names targeted by the Downadup/Conficker worm in a bid to choke off its update mechanism.

The broad industry coalition, announced last week as a broad industry effort to bring the Conficker worm down, has been busy registering domains that have been generated as targets by the malware. The worm (now available in multiple variants) checks in with a list of dynamically generated domain names, created using pseudo-random code. Arbor Networks showed last week how the cabal was registering those names, with the help of members such as ICANN and some domain registrars, to register and therefore control the domain names. They could then be used as sinkholes to further monitor Conficker behaviour, it added.

Others involved in the group include ICANN, NeuStar, VeriSign, CNNIC, Afilias, Public Internet Registry, Global Domains International Inc., M1D Global, AOL, Symantec, F-Secure, ISC, Georgia Tech, the Shadowserver Foundation, Arbor Networks and Support Intelligence.

The company, which announced a broad industry coalition designed to stop the threat last week, has also placed a $250 000 bounty on the head of its (as yet) unknown author.

What's strange is the lack of activity at the Industry Consortium for the Advancement of Security on the Internet(ICASI), which was an organisation formed by companies including Microsoft to help combat precisely this sort of large-scale online threat. Who's in charge over there?

This article is featured in:
Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012