Category: Malware Analysis
05/11/09
Conficker E, We Hardly Knew Ye
On April 8th, Conficker updated itself to variant E. (An only half-serious question: Do these warrant new variants if malware is updating itself? Maybe we should call them Conficker ServicePack 1 through X)
Some of the changes made to variant "E" in… more »
Conficker and Encryption
Conficker authors have shown adaptability in using and changing the many types of encryption and hashing algorithms used by Conficker including:
- SHA-1 (Conficker A/B - replaced by MD6 in C)
- 4096-bit RSA key (C and later)
- RC4
- MD6
At a hig… more »
04/10/09
New Conficker Variant? (WORM_DOWNAD.E)
The internet as we know it did not end on April 1st as some media outlets would have lead us to believe. What did happen was that a very well-written worm called conficker started scanning a pool of 50,000 randomly generated domain names for instruction… more »
03/31/09
Excellent Conficker Analysis (All Currently Known Variants)
As everyone is well aware, conficker worm variants have been exploiting MS-08-067 since November 2008 (possibly earlier). Conficker continues to spread depite the fact that a patch has been out for this vulnerability since October of 2008. The latest "… more »
04/01/08
Nuwar Takes Advantage of April Fools' Day
Just in time for April Fools' Day, a new variant of Nuwar is making its rounds (see my
previous write-up on nuwar here). Unfortunately, at the time of this writing VirusTotal is
reporting AV vendor detection rates at around 40%.
Just like other… more »
XML Feeds©2010 by Priveon, Inc.