What Does The Conficker Worm Do Exactly?

by Lee on September 1, 2009

in Malware

Even now, several months after Conficker first appeared, we still don’t know it’s exact purpose.

Whilst there was no great events on April 1st, as some had predicted there would be, the worm is still very much out there .

what does the Conficker worm actually do?

what does the Conficker worm actually do?

The Conficker worm has created an infrastructure that the creators of the worm can use to remotely install software on infected machines.

Those behind the worm can also remotely control those machines too, via something known as a botnet.

Infected machines can be manipulated in a number of ways.

Initial reports indicated that Conficker was serving up advertisements for fake antivirus programs.

Beyond that, nothing much else has happened.

Yet.

Conficker certainly does ensnare infected machines into a botnet but so far the botnet hasn’t been utilised in any meaningful way.

Some experts believe, however, that Conficker will ultimately turn out to be a virus that has been written for profit.

In other words, the botnet will be used to send SPAM, steal identities and direct users to online scams and phishing sites.

The Conficker worm mostly spreads across networks.

If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator.

The worm then tries to spread itself to other computers on that same network.

When executed on a computer, Conficker disables a number of system services such as Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting.

It receives further instructions by connecting to a server.

The instructions it receives may include to propagate, gather personal information and to download and install additional malware onto your computer.

The worm also attaches itself to certain Windows processes such as svchost.exe, explorer.exe and services.exe.

Tagged as: Conficker

Share this post: Tweet It | Facebook It | Stumble It | Digg It | Delicious It

Related Posts:

  • Conficker Worm – Was It Worth The Fuss?
  • Confiker Worm Evolves Into Conficker B++
  • Heres A Quick Guide To Determine If You Are Infected With The Confiker Worm
  • 64% Of You Are Worried That You Have Been Infected By The Confiker Worm
  • What Every Vista User Needs To Know About The Conficker Virus
  • 10 Must-Read Articles That Will Tell You All You Need To Know About Conficker
  • Registry Values for Conficker
  • Can I Block Conficker By Being Proactive?
  • Video : Protection From The Conficker Worm
  • How Can Conficker Can Be Beaten With Patches, Updates And Antivirus?

    • Leave a Comment

    { 1 trackback }

    Previous post:

    Next post: