Part of the difficulty of removing a CONFICKER infection is its capability to block access to security and antivirus-related websites. It attempts to connect to a randomly-generated URL, which it created using its own domain-generation algorithm, to download additional files to infected systems. What makes CONFICKER notable is the fact that most of these worms are capable of generating hundreds of URLs that it connects to. Other variants after the first CONFICKER worm spread to other machines by dropping copies of itself in removable drives and network shares. The first variant of the CONFICKER malware family was seen propagating via the MS08-067 Server service vulnerability back in 2008. Infection Channel: Propagates via network shares, Propagates via software vulnerabilities, Propagates via removable drives
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |