New Scientist Tech: The Inside Story of the Conficker Worm
Jim Giles writes on New Scientist Tech:
A hotel bar in Arlington, Virginia, 23 October 2008. A group of computer security experts has spent the day holed up with law enforcement agencies. It is an annual event that attracts the best in the business, but one the participants like to keep low-key - and under the radar of the cybercriminals they are discussing.More here.
That evening, conversation over drinks turned to a security update Microsoft had just released. Its timing was suspicious: updates usually came once a month, and the next was not due for two weeks. "I remember thinking I should take a look at this," recalls Paul Ferguson, a researcher at Trend Micro, a web security company in Cupertino, California.
He did. So did the rest of the computer security industry. In fact, they talked, puzzled and worried about little else for months after. The update heralded the birth of the Conficker worm - one of the most sophisticated pieces of malignant software ever seen.
Despite an unprecedented collaboration against them, Conficker's accomplished creators have been able to bluff and dodge to gain control of machines inside homes, universities, government offices and the armed forces of at least three nations, establishing a powerful and lucrative network of "zombie" computers. New Scientist has pieced together the sobering details of that cat-and-mouse fight.