訂閱電子報






Confused about Conficker?

Share |
Malware and antivirus software

Confused about Conficker?

請選擇語言 / Please select the language中文 | English

CNN reported that there a new sleeper virus out there.
http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html
There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel.

CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is not very serious in terms of what it does. So far it doesn’t try to steal personal information or credit card details.”

Huh? Ok, I’ll follow suit… Conficker could allow hackers to rig elections and shut down critical power and communications infrastructure, but it doesn’t.

What Conficker could allow hackers to do is truly as irrelevant as it gets. The conditions that allow Conficker to spread mean that any semi-skilled hacker or malware author can do the same and much worse with complete and total impunity.

Conficker was one of the first worms to exploit a fairly recent and serious security vulnerability in Windows (MS08-067). Conficker doesn’t stop there though, it also is able to guess passwords set by people who do not understand security (think Twitter admin). Yes, Conficker can guess weak passwords. Conficker also exploits autorun, a vulnerability that Microsoft should have patched a long time ago, but MS insists that auto-infection is a feature. Companies that make digital photo frames, MP3 players, GPS systems, and other assorted USB devices have really embraced the auto-infect technology too!!!

To Microsoft’s credit, most of the infections are coming from the corporate space. Why is this to Microsoft’s credit? Because it means that Windows Update is working pretty well in homes, where it is usually allowed to work.

For businesses this is a dismal finding. This means that standard security basics are not being enforced. There is really sobering news here. Perhaps businesses are not investing in security. An IT person need some budget and time to do his or her job. Maybe businesses do not know how to evaluate competent security professionals to put in charge. “We needed time to test” is not an excuse for not having deployed the patch for MS08-067. If there is a legitimate reason for not having deployed the patch then there are other many other layers of defense that should be in place for protection.

Conficker should be a complete non-story, and actually it is not the story. The real story is that people are still not doing the basics. Keep your systems patched, keep your applications patched, and require and use strong passwords.


Randy Abrams
Director of Technical Education

為何選擇ESET?

ESET擁有超過25年以上防病毒軟件開發經驗,讓我們更安全享受科技。ESET軟件對硬件要求低,對惡意軟件毫不留情。

ESET技術

ESET NOD32®防毒軟件獲獎技術,始終位於數字安全行業的最前沿。軟件每日更新,保護用戶數據安全。

免費支援

為您免費提供業內領先的本地售後技術支援。如有任何問題或查詢請在辦公時間內致電 (852) 2893 8186 查詢。