The blog entry (here) gives some insight into how Downadup works. The botnet -- which by now includes millions of infected machines worldwide -- receives instructions for contacting a specific domain, chosen from a daily list, on specific dates. That domain in turn is used to contact "Conficker central" -- the server from which further instructions and malware are dispatched.
Sophos: Downadup May Cause Friday the 13th / Southwest Airlines Problems
The Downadup/Conficker infestation may be about to wreak a little more havoc. Security firm Sophos says the botnet is gearing up for a Friday the 13th move, with Southwest Airlines among its possible targets.