The blog entry (here) gives some insight into how Downadup works. The botnet -- which by now includes millions of infected machines worldwide -- receives instructions for contacting a specific domain, chosen from a daily list, on specific dates. Thatg domain in turn is used to contact "Conficker cnetral" -- the server from which further instructions and malware are dispatched.
Announcements
Commentary
The Downadup/Conficker infestation may be about wreak a little more havoc. Security firm Sophos says the botnet is gearing up for a Friday the 13th move, with Southwest Airlines among its possible targets.Security firm Sophos has posted a blog entry warning that the Downadup worm (aka Conficker, which is how Sophos refers to it)
Sophos: Downadup May Cause Friday the 13th / Southwest Airlines Problems
The Downadup/Conficker infestation may be about wreak a little more havoc. Security firm Sophos says the botnet is gearing up for a Friday the 13th move, with Southwest Airlines among its possible targets.
Recommended Reading:
More Insights
Editors' Choice
Webinars
- Developing an Effective Threat Intelligence Program for Your Enterprise
- 2021 DDoS Attack Trends: Year in Review
- Beyond Patch Management: Next-Generation Approaches to Finding and Fixing Vulnerable Code
- Strategies For Securing Your Supply Chain
- Best Practices for Extending Identity & Access Management to the Cloud
White Papers
More Insights