Recently i wrote about new Conficker variant.
By the time security industry were jubiliant fighting against it , there's a new variant Conficker C which is waiting to trigger itself on April 1 according to this paper. This is an excellent paper about the analysis of the Conficker C.
Notable aspect in this variant is the use of cutting edge computer technologies. Conficker C uses MD 6 algorithm ( buffer overflow exploitable version was also used in B variant), new dll patching techniques and P2P (peer to peer) protocol usage for updating binary.
Saturday, 21 March 2009
Monday, 9 March 2009
I blogged about Conficker few days back. Conficker exploits a Microsoft Vulnerability. Initially it was successful in creating massive damage to industry and infected large number of machines. AV industry initially suffered to clean this malware but were later successful in tracking its working and were able clear it up. To increase the cold war between AV and malware authors there's a new variant of Conficker. We'll have to wait and see how AV industry will respond to this.