Peaches Posted April 23, 2009 Report Share Posted April 23, 2009 Researchers turn Conficker's own P2P protocol against itselfSymantec, Ron Bowes join forces to detect infected PCs by chatting with worm over P2PApril 22, 2009 Security researchers have updated a free tool that sniffs out the notorious Conficker worm on infected PCs by using the same peer-to-peer (P2P) protocol the malware relies on to communicate with its hacker masters.Symantec Corp.'s security intelligence analysis team has worked with Ron Bowes, a contributor to the Nmap scanner, to come up with a way to detect machines infected with Conficker.c and later variants.Conficker, which exploded onto the Internet in January -- eventually hijacking millions of PCs -- has had several updates since its November 2008 debut. Conficker.c gained the most attention because of an April 1 trigger, the date when it was to switch to a new communications scheme. Several days later, Conficker.c-infected computers were upgraded to the newest version, Conficker.e, which in turn installed the Waledac spam bot and "scareware" software, a fake security program that nags users until they pony up $50 for the useless application.computerworld - http://tinyurl.com/dddt4r>>>>>>>>> Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.