It’s been over seven years since the Conficker worm, aka Downadup, spread around the world but it is back and has been infecting computers since January.
When newer malware emerges it can be instantly taken care of, but this troublesome worm has 8+ years of history behind it, wherein it kept on popping up at unexpected times in unexpected places. Indeed, it knows exceptions.
This worm thrives on Windows and USB vulnerabilities, exploiting them long enough to cripple your device, like an old man with tricky, effective techniques. No wonder Conficker worm is still the world’s topmost feared malware of all time – accounting for as many as 20% of the cyber attacks every year.
You might be thinking: What makes this malware so special?
Why can’t we just find an ultimate solution for it?
This post is an answer to all your queries about this infamous worm, beginning from the first attack.
2009 – First Massive Cyber Attack by Conficker Worm
A computational blackout. From petrol pumps to big-shot military machines, the massive malware attack of April 2009 left nothing untouched. Around 11 million devices, including several critical networks, were infected all around the globe.
This attack, undoubtedly, made cybercrime history.
- October, 2008 – Microsoft announced a particular vulnerability in Windows (MS08-067) which could pave the way for malware infections
- November, 2008 – Conficker worm was found and decapitated
- April, 2009 – A new variant of Conficker worm went wild, infecting hundreds of devices in one go
Aligning itself to the vulnerabilities of MS Windows, Conficker worm rapidly multiplied over just a few days. It spread across 190 countries, compromising computers in every field: from homes, businesses, nurseries, government offices to hospitals.
It wasn’t the work of a lone worm variant.
Conficker worm created an army, spawning a million versions, each killer more potent than the last. Every variant had an attack method of its own, from phishing, spam codes and copying itself into crucial Windows operating system files to hijacking the system and creating a botnet. Very effectively!
2017 – Conficker Worm Resurfacing Once Again To Infect Systems with WannaCry
WannaCry needs no introduction. The destruction it caused in May is testament enough to its efficacy.
Now, imagine it leveraging a more experienced senior, the Conficker worm. Scary, right?
Sadly, that is exactly what happened.
Whilst the pandemonium of WannaCry might have diminished, infected machines were proactively targeted as a result of their age-old Conficker worm infections. WannaCry actors actively focused on the 600,000 devices which still host the Conficker malware.
It’s not all bad news.
Devices which were previously remediated of Conficker worm were left untouched by WannaCry. The lesson here is: always update and patch to the latest version, and don’t procrastinate.
Why Is Conficker Worm Considered Dangerous?
Now comes the most important question: What makes Conficker worm so deadly?
Apart from playing with Windows machines and turning them into botnets, this highly notorious worm is capable of disabling the antivirus software, making the system super-vulnerable to other outside threats.
The worst part: it travels via network, system files, USB or internet.
As long as an infected endpoint is connected to other innocent ones, the chances are they will get contaminated as well.
Conficker’s most recent victims include IoT devices (like MRI machines, CT scans, cameras) where it focuses on stealing crucial medical and personally identifiable information (PII) data.
How is it different from other malware, though?
As explained earlier, the Conficker worm takes advantage of age-old techniques, which are prevalent today. Most malware today avoids stream infiltration, preferring to conceal itself as an undetectable Trojan horse. It also establishes small-scale attacks at first to test the waters.
Conficker is a bold worm. It attacks all at once, with hundreds of weapons and attack methods aiming to cripple you. Indeed, an insidious bandit.
How to Prevent Your System from Conficker Worm Infection
Always remember: if your system remains infected, chances are it’s going to affect other systems too.
Be a responsible netizen!
Make sure all the devices under your scrutiny are completely protected with the latest security updates and Microsoft patches. Keep your devices up to date, as older versions of any application or OS can be the most vulnerable ones. Another tip is to disable Autorun to avoid automatic Conficker worm compromise from USB or other connected devices. Finally, you can always consider cyber security providers like Apvera for ultimate protection, from USB malware detectors to firewall exploits.
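To check whether Autorun is really off on a Windows machine, the following added example (not part of the original post) reads the standard `NoDriveTypeAutoRun` policy value and lists the drive types that still honour autorun.inf. The function names are illustrative, and the hardening function must be run from an elevated session.

```powershell
# Added example (not from the original post): audit and harden the Autorun policy.
$PolicySubKey = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# NoDriveTypeAutoRun is a bitmask: a SET bit DISABLES Autorun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown'   = 0x01
    'Removable' = 0x04   # USB sticks, the route the post warns about
    'Fixed'     = 0x08
    'Network'   = 0x10
    'CD-ROM'    = 0x20
    'RAM disk'  = 0x40
}

function Get-AutorunExposedTypes {
    param([Parameter(Mandatory)][int]$Mask)
    # Drive types whose bit is clear still honour autorun.inf.
    @($DriveTypeBits.GetEnumerator() |
        Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key })
}

function Get-AutorunPolicy {
    # Machine-wide (HKLM) and per-user (HKCU) policy locations.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $key  = Join-Path $hive $PolicySubKey
        $prop = Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -eq $prop) {
            [pscustomobject]@{ Key = $key; Mask = 'not set'; Exposed = 'OS default applies' }
            continue
        }
        $mask    = [int]$prop.NoDriveTypeAutoRun
        $exposed = Get-AutorunExposedTypes -Mask $mask
        [pscustomobject]@{
            Key     = $key
            Mask    = '0x{0:X2}' -f $mask
            Exposed = if ($exposed) { $exposed -join ', ' } else { 'none' }
        }
    }
}

function Disable-AutorunAllDrives {
    # 0xFF sets every bit, which disables Autorun for all drive types machine-wide.
    $key = Join-Path 'HKLM:' $PolicySubKey
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    New-ItemProperty -Path $key -Name NoDriveTypeAutoRun -Value 0xFF -PropertyType DWord -Force | Out-Null
}

Get-AutorunPolicy | Format-Table -AutoSize
# Disable-AutorunAllDrives   # uncomment to apply, then re-run Get-AutorunPolicy
```

Any row that lists `Removable` under Exposed means USB media can still trigger Autorun on that machine.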
Personal & home devices that are used for BYOD are a risk too. They can become infected with the worm and then be brought into the office, bypassing all perimeter and antivirus assets.
Put a stop to the infection as soon as it is detected; don’t let it spread.
The Internet world is expanding, as is the cyber crime rate. Conficker isn’t what it was a decade ago. It has evolved, it has taken hold within the growing number of computer devices, and we need to be well prepared for anything that the future holds!
Stay safe from WannaCry by making sure you cleanse your system of Conficker.