Perimeter

Guest Blog // Selected Security Content Provided By Sophos
What's This?
4/2/2009
07:13 AM
Graham Cluley
Graham Cluley
Security Insights
50%
50%

A Quick And Easy Way To Tell If You're Infected With Conficker

Even though April 1st is now history, you would be foolish to think the Conficker worm is no longer a problem. It's still out there, still causing a nuisance, and could be instructed to activate a payload whenever the hackers choose. So what you want is a quick and easy way to tell if you might be infected, right?

Even though April 1st is now history, you would be foolish to think the Conficker worm is no longer a problem. It's still out there, still causing a nuisance, and could be instructed to activate a payload whenever the hackers choose. So what you want is a quick and easy way to tell if you might be infected, right?Well, the good news is that besides the myriad of free Conficker removal tools that antivirus companies have come up with, a guy named Joe has come up with something beautiful, simple, and neat that doesn't involve you installing any software at all!

Joe Stewart is the director of malware research at SecureWorks, and he has created a neat Web page that instantly and visually tells you if you're likely to be infected by the Conficker worm.

It works by presenting a page of Website logos. Because the Webpage drags down images of Websites that are blocked by the Conficker worm (to prevent you from visiting computer security Websites, for instance), it can diagnose the likelihood of your PC being infected.

Of course, you can't check all of your computers with Joe's method. Given that Conficker has network- and USB-spreading capabilities, a lot of PCs will be infected that don't have an Internet connection. And it's always possible that a new strain of Conficker comes out that his page doesn't know about, or that other connectivity problems could give you a false impression of the status of your PC.

Even so, it's genius in that way that the most wonderfully simple things always are. I love it.

Graham Cluley is senior technology consultant at Sophos, and has been working in the computer security field since the early 1990s. When he's not updating his other blog on the Sophos website you can find him on Twitter at @gcluley. Special to Dark Reading.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Insider Threat Prevention activated!
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7238
PUBLISHED: 2019-03-21
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.
CVE-2017-16253
PUBLISHED: 2019-03-21
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriti...
CVE-2017-16254
PUBLISHED: 2019-03-21
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP re...
CVE-2017-16255
PUBLISHED: 2019-03-21
An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP re...
CVE-2018-3968
PUBLISHED: 2019-03-21
An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy i...