Conficker phones home, gets no reply
As expected today, the Conficker virus has begun contacting its creators under a new and improved system. However, it doesn’t yet appear to have received any new instructions.
What happened today is that Conficker switched from calling random domains to get further instructions from a pool of 250 addresses each day to one that extends the list to 50,000 a day. That changes the task of blocking such connections from very difficult to virtually impossible.
Today was not necessarily about an event (and appears not to be), it was about the likelihood of blocking such an event. And today the chances of stopping Conficker’s creators from using their network of infected machines for malicious purposes are much lower than yesterday.
Media coverage today seems to have become so self-referential it’s bordering on incestuous. With little happening, the big story seems to be that the day is passing quietly despite media reports warning of impending doom. But few, if any, credible sources made such predictions in the first place.
Most reports before today simply stated that Conficker would change it’s ‘phone home’ system today and be ready for new instructions – and that if and when those came, there was no way to be sure what would happen, but they had the potential to be pretty nasty. That was, and still is, perfectly true and far from overblown.
While nobody is suggesting they did so, it would have probably been a great idea if security researchers had made up the April 1 deadline to focus minds on the severity of the problem.
The key point that needs to be established today is that, even if computers worldwide didn’t react in a spectacular fashion, Conficker is and always has been a virus with potential for serious harm. What may be millions of machines are still at risk of being under control by a third-party which can block them from receiving vital security updates.
Failing to tackle Conficker because nothing spectacular happened today is like not bothering to fix a broken lock on your house because it hasn’t been hit by a nuclear bomb.
Related Posts:
