Identity Theft Expert Robert Siciliano

Confickers botnet which is anywhere from 3 to 15 million PCs has a peer to peer (P2P) feature that allows each PC on the network to talk to one another and each PC can become the command server. This characteristic allows it to update each PC on the network fluidly.

The latest variant shows Conficker is updating via P2P opposed to pinging a website for its updates. It’s “self reliant”.

A botnet is a robot network of computers that are zombies that do what their leader tells them. The concept behind a botnet is there is strength in numbers. Botnets can attack websites, send spam, log data leading to data breaches, credit card fraud and identity theft, and clog a network shutting it down. botnet-herder

CNET reports researchers saw Conficker make its first update and believe it to be a keystroke logger, which is spyware designed to log usernames and passwords. This new update also tells the zombies to seek other PCs not patched with Microsofts update.

The worm further pings sites including MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com to determine if that PC has Internet access.

The Register reports Conficker is now pinging what’s known as a Waledac domain which uses a technology that contacts a new server if the current one is blacklisted by ISPs for spamming. This allows the virus to download more updates.

In the past the Storm Worm which was thought to have infected 50 million PCs, the most ever, Waledac is using the same technology as Storm Worm, storm-worm which means two things 1. This may get ugly fast and 2. Whoever is doing this must be the same criminal hackers in cahoots that built Storm Worm.

What all this means is Conficker is as dangerous as a virus can be with the best of the best technologies both old and new. While the virus has yet to strike, it is definitely gearing up.

Identity Theft Speaker Robert Siciliano discussing criminals hacking credit cards as a result of a virus here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information

Be Sociable, Share!