Conficker

Why Trust Techopedia

What Does Conficker Mean?

Conficker is a worm that infects computers running the Windows operating system by using known flaws in Windows. Conficker uses dictionary attacks on administrator passwords to hijack machines and link them to a virtual machine that is remotely controlled by its creator.

Advertisements

Techopedia Explains Conficker

Conficker was first detected in November of 2008. It spread so rapidly that it was considered to be the biggest computer worm infection since the SQL Slammer of 2003. Researchers believe that by January 2009, it had affected more than 9 million home, business and government computers in more than 200 countries.

The name Conficker is considered a combination of the words "configuration" and "ficker." An alternate origin suggested by Microsoft analyst Joshua Phillips is that it came from trafficconverter.biz, as a rearrangement of the letters of the domain (even though the domain name lacks the letter "k"). This site was used by Conficker as a blind drop to download its updates.

There are five variants of Conficker, designated A through E. Each variant is an improvement of the previous one and contains more defense mechanisms against detection.

The first iteration of the worm was propagated via the internet by exploiting a vulnerability in Windows' network service. The second variant of the virus added the ability to propagate via local area networks, removable storage and network sharing. Subsequent variants have improved the worm’s encryption ability and detection prevention.

Although Conficker's methods are well known by researchers, its combined use of so many defense methods makes it very difficult to totally eradicate. The constant update of the worm also serves to keep it alive. Every time a fix or cure has been made, its authors remove the vulnerability against that cure.

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…