Web security firm attacks Conficker worm by P2P
Thursday, April 23, 2009
Security researchers have updated a free tool can locate the Conficker worm on infected PCs via the peer-to-peer (P2P) protocol cybercriminals have used to update the worm to its latest variant.
Network security firm Symantec and security expert Ron Bowes released Nmap 4.85 Beta 8, which includes a script that looks for Conficker based on its P2P ports, ComputerWorld reported.
Conficker's P2P was added as a backdoor in the Conficker.C variant, which security researchers believe was used to update the worm to its .E variant, according to ComputerWorld.
"[Bowe's] script goes out and looks for Conficker's [P2P's] listening ports," Alfred Huger, vice president of Symantec's security response group, told the security news website. "[It] then tries to chat with them. If they respond, the script looks at the replies. We helped him figure out the type of responses he'd get back [from the Conficker bots]."
Bowes cautioned in a blog post that the script isn't a sure-fire solution to the Conficker worm, which has infected millions of PCs worldwide.
Bowes has provided some tips for cleaning PCs of the worm on his blog. "Hope this script helps you out!" he wrote.
Related News:
Security firms join working group to fight web threats - 8.19.2009
Several prominent web security companies are joining together to share information and resources to fight the growing threat of malware on the web. Assembled under the IEEE Standards Association, the working group is called the Industry Connections Security Group (ICSG).
Botnet controllers using Twitter, pastebins like SaaS - 8.18.2009
Cybercriminals who control networks of compromised PCs, called botnets, have hit upon new ways to update Trojan malware through Twitter and other online services, which act as a kind of software-as-a-service (or SaaS) for cybercrime.
Internet Explorer 8 aces web browser security test - 8.14.2009
Microsoft's Internet Explorer 8 (IE8) web browser outperformed Safari 4, Firefox 3, Chrome 2 and Opera 10 Beta in a Microsoft-sponsored security test by NSS labs.
Koobface worm grows more sophisticated in web 2.0 attacks - 8.11.2009
Web security researchers are warning that the notorious Koobface worm that spreads on social networks like Facebook and Twitter has grown more sophisticated in order to evade detection and trick more savvy users into downloading malware.
Adobe Flash flaw exploited by malware in Microsoft Excel files - 8.6.2009
Security flaws that exist in Adobe Flash are being actively exploited by cybercriminals via maliciously crafted Microsoft Excel files, according to web security researchers at security firm Sophos.
|
