Malicious code that was recently classified as a worm, surfaced in October 2008 exploits MS08-067 vulnerability in the Microsoft Windows family Operating System (surprise surprise !!). The worm is known by various names Downup, Downadup, Kido, and the most popular being Conficker.
Conflicker has gone through various stages of development that make it harder to understand; credits to the use of P2P mechanism encrypting the traffic using the latest and greatest MIT MD6 algorithm. A noteworthy mention about the client on an infected machine is that, it uses an intelligent algorithm that creates a daily list of 250 random domain names to communicate with its mother ship that advertises different domain names each day. Guess what, it gets even better, the newer variant Conflicker. C just upped that number from 250 to 50,000.
What makes this one extra special is that no one seems to still know what its gonna do on “D day”. Experts guess that April 1 could probably be that D day, but we never know…
Let the guessing games continue; in the meantime, if you don’t have the habit of installing Microsoft Windows security fixes or keep you Windows auto update OFF, it’d be a good idea to get to the Symantec website and attempt a removal of a possible infection.
Cheers, and have a SAFE April 1.