Conficker was initially spread by exploiting a Critical vulnerability in Windows Server Service. Since that was patched in October 2008, the malicious code has continued to evolve, with two current versions, Conficker.A and Conficker.B, which use additional attack vectors including unprotected network shares and portable media’s AutoPlay feature.
“As part of Microsoft’s ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers,” explained George Stathakopoulos, general manager of the Trustworthy Computing Group at Microsoft. “By combining our expertise with that of the broader community we can expand the boundaries of defense to better protect people worldwide.”
Currently, the best clue to origin of the Confiker worm is that the virus does not affect computers using the Ukranian keyboard layout, which has led many investigators to conclude that its author may have ties to the Ukraine. Microsoft, which considers the virus to be a crimminal attack, has guarantted to pay the reward in any country where it can be accepted, but stipulates that an arrest and conviction must be obtained for the reward to be payable.
Microsoft is not alone in this quest, either. It is but one of a consortium of companies which include ICANN, NeuStar, VeriSign, CNNIC, Afilias, Public Internet Registry, Global Domains International Inc., M1D Global, AOL, Symantec, F-Secure, ISC, researchers from Georgia Tech, the Shadowserver Foundation, Arbor Networks and Support Intelligence.
0 comments:
Post a Comment