DOWNAD/Conficker Turns 1yr
Worm Exploits MS08-067 Bug
DOWNAD, also known as the Conficker worm, was first seen in the wild taking advantage of the MS08-067 vulnerability. True to form, it propagated via shared networks. Like its predecesors-the Sasser and Nimda worms-it also raised security concerns with regard to a spike in port 445 activity.
A few days after its appearance, reports suggested that the threat had spread. More than 500,000 unique hosts spread across networks in the United States, China, India, the Middle East, Europe, and Latin America fell prey to the threat. Several residential broadband service providers also reported having an even larger number of infected customers.
- New Year, New Variant
- Improved Domain Generation Functionality
- DOWNAD Uses P2P
- Infection Peaks
- Updated Patches Still Key
More details in http://blog.trendmicro.com/downadconficker-turns-1yr/