    Five years ago, Conficker/DOWNAD was first seen and quickly became notorious due to how quickly it spread and how much damage it caused.

    Remarkably, after all that time, it’s still alive. It can still pose a serious problem, as it can propagate to other systems on the same network as an infected machine – a factor that may explain its high rate of infection to this day.

    Based on feedback from the Smart Protection Network, DOWNAD has been a leading threat for years. It has been the most prolific threat – as measured by the number of infections seen in the wild – since 2011. It has beaten out a wide variety of threats – from crack key generators to ZeroAccess – for this dubious distinction.

    It also popularized the use of domain generation algorithms. This technique generates multiple (hundreds, in the case of DOWNAD) domains on a daily basis. The malware uses these domains to connect to its command-and-control servers. The sheer number of generated domains makes blocking this C&C much more difficult. Since then, the technique has been adopted by other malware families as well.
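
    One network-side effect of a domain generation algorithm is a single host failing to resolve many different random-looking names. The following detection sketch is an added example, not Trend Micro's code and not DOWNAD's algorithm; the log format, the sample lines, the function names and both thresholds are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

def entropy(label):
    """Shannon entropy, in bits per character, of one DNS label."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def dga_suspects(log_lines, min_domains=5, min_entropy=2.5):
    """Map each suspicious client to its distinct failed, random-looking names.

    A client is flagged when at least `min_domains` distinct names it asked
    for returned NXDOMAIN and have a high-entropy leftmost label.
    Both thresholds are illustrative assumptions, not tuned values.
    """
    failed = defaultdict(set)
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        _time, client, qname, rcode = parts
        name = qname.lower().rstrip(".")  # normalise case and trailing dot
        label = name.split(".")[0]
        if rcode == "NXDOMAIN" and len(label) >= 5 and entropy(label) >= min_entropy:
            failed[client].add(name)
    return {c: sorted(names) for c, names in failed.items() if len(names) >= min_domains}

# Constructed sample log, format: "<time> <client> <query name> <rcode>"
SAMPLE_LOG = """\
09:00:01 10.0.0.5 www.intranet.example NOERROR
09:00:02 10.0.0.5 mail1.intranet.example NXDOMAIN
09:00:03 10.0.0.7 qzkvhtrw.example NXDOMAIN
09:00:03 10.0.0.7 bxmpfjdl.example NXDOMAIN
09:00:04 10.0.0.7 wnrkgzvy.example NXDOMAIN
09:00:04 10.0.0.7 hcjtpqxs.example NXDOMAIN
09:00:05 10.0.0.7 dmvzlkrb.example NXDOMAIN
09:00:05 10.0.0.7 tgyfnwcp.example NXDOMAIN
09:00:06 10.0.0.7 QZKVHTRW.example. NXDOMAIN
""".splitlines()

if __name__ == "__main__":
    for client, names in dga_suspects(SAMPLE_LOG).items():
        print(client, len(names), "distinct failed lookups:", ", ".join(names))
```

    Counting distinct names per client, rather than scoring each name alone, keeps a single mistyped hostname from raising an alert.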

    In order to propagate across networks, it used a zero-day vulnerability, which was later designated by Microsoft as MS08-067. Despite the availability of a patch, many users remain vulnerable due to negligent patching practices as well as piracy. Pirated versions of Microsoft Windows are often unable to download and install security patches.

    In the long term, as Windows XP machines are retired due to the end of its extended support period next year, DOWNAD is destined to recede into the background. However, some systems may still be at risk. The simplest solution is to ensure that the software you run – particularly your operating system – has the latest security updates. You should also check out our tips on how to see if your system is in fact infected.

    We have prepared a full malware profile which describes the capabilities, the spread, and the risks of DOWNAD/Conficker.









    • Rahul Jha

      nice approach..
      thanks to share..

      • TrendLabs

        Thanks, Rahul!



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice