David Kirkpatrick

April 15, 2009

Conficker not done?

Filed under: Media, Technology — Tags: , , , , , — David Kirkpatrick @ 4:56 pm

Either the Conficker virus has some very nasty surprise in store sometime soon, or it’s been the biggest over-hyped flop to come along in a very long time. The media had people (casual users) frightened to even boot their computers on April 1.

I’m thinking a lot of the ongoing reports — such as security analysts announcing the creator of the computer virus changed the bug’s orders plan after so much publicity broke out — are just signs that “security analysts” don’t want to appear wrong. Very similar to political pundits who declared great truths and when those proclamations turn out to be horseshit simply move on to the next idea.

At any rate, I’ll add to the noise level by posting this press release from one of those experts.

The release:

Conficker Worm Expected to Influence Rise in Spam, Says Commtouch Trend Report
SUNNYVALE, Calif.–(BUSINESS WIRE)– Computers infected by the Conficker worm could cause a meaningful rise in spam levels for the next quarter, according to the Q1 2009 Internet Threat Trends Report by Commtouch(R)(Nasdaq:CTCH). The multiple variations of the worm have infected approximately 15 million computers around the world according to researchers.

Highlights from the Q1 trend report include:

  • Loan spam jumped to the top of the list of top spam topics, with 28% in the first quarter, possibly reflective of the global economic situation.
  • Users of social networking sites were targeted by new, more complex phishing attacks.
  • Computers/Technology sites and Search engines/Portals are among the top 10 Web site categories infected with malware and/or manipulated by phishing according to the Commtouch Data Center.
  • Brazil continues to lead in zombie computer activity, producing nearly 14% of active zombies for the quarter.
  • Spam levels averaged 72% of all email traffic throughout the quarter and peaked at 96% of all email messages in early January. It then bottomed out at 65% in February.
  • Spammers attacked large groups of an ISP’s users and moved to the next ISP in a targeted spam outbreak.
  • An average of 302,000 zombies were activated each day for the purpose of malicious activity.

“To block the flood of spam that the massive botnet created by the Conficker worm is capable of sending, new spam detection methods beyond traditional content filtering must be employed,” said Amir Lev, chief technology officer of Commtouch. “Detection based on analysis of patterns is the best tool to block massive spam attacks as these patterns will be created in seconds and the IP addresses of the infected computers will be tracked within minutes.”

Commtouch Recurrent Pattern Detection(TM) and GlobalView(TM) technologies identify and block messaging and Web security threats, including increasingly malicious malware and phishing outbreaks. More details, including samples and statistics, are available in the Commtouch Q1 2009 Internet Threats Trend Report, available from Commtouch Labs at: http://www.commtouch.com/download/1348.

NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering at the ISP level.

About Commtouch

Commtouch(R) (NASDAQ:CTCH) provides proven messaging and Web security technology to more than 100 security companies and service providers for integration into their solutions. Commtouch’s patented Recurrent Pattern Detection(TM) (RPD(TM)) and GlobalView(TM) technologies are founded on a unique cloud-based approach, and work together in a comprehensive feedback loop to protect effectively in all languages and formats. Commtouch technology automatically analyzes billions of Internet transactions in real-time in its global data centers to identify new threats as they are initiated, protecting email infrastructures and enabling safe, compliant browsing. The company’s expertise in building efficient, massive-scale security services has resulted in mitigating Internet threats for thousands of organizations and hundreds of millions of users in 190 countries. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, Calif.

Stay abreast of the latest messaging and Web threat trends all quarter long at the Commtouch Cafe: http://blog.commtouch.com. For more information about enhancing security offerings with Commtouch technology, see http://www.commtouch.com or write info@commtouch.com.

Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.

 

 

Commtouch

<<Business Wire — 04/15/2009>>

April 1, 2009

Conficker bust?

Filed under: Business, Technology — Tags: , , , — David Kirkpatrick @ 3:08 pm

The end of the internet as we know it? Not so much. Maybe the black hats responsible for the worm got cold feet after Microsoft put a quarter million dollar bounty on their head.

From the link:

Malicious software installed on millions of computers has yet to wreak havoc on technology systems worldwide as some fear, but researchers warned that the “Conficker worm” could still strike in the future.

Also known as Downadup or Kido, Conficker turns infected PCs into slaves that respond to commands sent from a remote server that effectively controls an army of slave computers.

Researchers feared that the network created by Conficker might be deployed on Wednesday for the first time since the worm surfaced last year because its code suggested it would seek to communicate with its master server on April 1.

They formed an industry-wide task force to fight the worm, bringing widespread attention that experts said probably scared off the criminals who command the army of slave computers, known as a botnet.

“The Conficker-infected machines attempted to call home to get new commands from their master but those calls went unanswered,” said Joris Evers, spokesman for security software maker McAfee Inc.

March 31, 2009

Worried about Conficker?

Filed under: et.al., Technology — Tags: , , , — David Kirkpatrick @ 1:29 pm

Here’s a page full of information.