Conficker malware generates a lot of buzz these days. No wonder – it represents a new generation of highly-sophisticated general-purpose software platform rapidly spreading over unsuspecting user machines. Conficker is in more than one way state-of-the-art malware:
- Highly efficient
- Applies the latest encryption technologies
- Hides itself in the most sophisticated ways
- Virtually unstoppable way of updating itself
Not surprisingly, it targets Windows machines (the main platform used across the World). Currently up to 10 mln machines are infected with Conficker. Another remarkable feature of the worm is that up until recently it hasn’t really caused any significant damage – yet. We know it just hangs in there waiting for instructions to come from the “mother ship”. When and how it’ll strike – is anybody’s guess. At the same time – judging from the hitherto behavior of the guys behind conficker – they will use the platform for many “mini-explosions” (ideally unnoticed) rather than a big “blast”. It’s anything but one-time usage platform.
For details you are welcome to go through a presentation I recently put together to raise awareness of Conficker with my colleagues:
Summary: Like any other malware which infects the end user machines, it’s very powerful and may render bulk of traditional anti-fraud tools & technologies useless. It’s possibilities are virtually limitless – from dDOS, spamming to key logging and information stealing. But sophistication of Conficker compared to more primitive trojan predecessors takes the challenge to the next level (I am sure we’ll witness more conficker-like trojans on the market – fraudsters have their own “arms races”).
What companies could to to be ready for Conficker? I can’t think of anything else but educating end users, perhaps mandating (or providing incentives for) installation of virus protection software on user machines (the trend has already started). Using 2FA will definitely slow the bad guys down, but by no means it’s the definitive remedy to Conficker’s and alike. How efficient all those measures are will become apparent in the upcoming years.