|
Title: Conficker.E to self-destruct on May 5th? Post by: timmedin on April 25, 2009, 05:42:31 PM Quote The evolution of the multi-faceted Conficker worm is expected to take another turn this May 5th when the latest version, Conficker.E, will simply self-destruct on infected machines, say a number of security researchers. F-Secure, Trend Micro and SecureWorks are among those that believe Conficker.E—first spotted just this April and probably created by the same attackers that since last fall let loose the Conficker.A through Conficker.C variants—has been designed to simply self-detonate on May 5th. “It will simply self-destruct,” says Mikko Hypponen, chief research officer at F-Secure, pointing out that researchers, who had been arguing over name for variants, agreed to skip past the name “Conficker.D” entirely to settle on the name “Conficker.E.” http://www.networkworld.com/news/2009/042409-conficker-worm.html What would be their motivation to do this? If you have gained ground, why give it up? Why not have it pull updates and continue on? My best guess is the authors authors just want to get drunk on Cinco de Mayo and they don't want to worry about it that day or the next then they have severe hangovers. Anyone else have a better conspiracy theory? Title: Re: Conficker.E to self-destruct on May 5th? Post by: don on April 25, 2009, 08:38:13 PM Actually I think I do...
Isn't that the same date that MS leaked that it would make the RC of Windows 7 available to the general public? Hmmmm... Don Title: Re: Conficker.E to self-destruct on May 5th? Post by: Andrew Waite on April 26, 2009, 02:25:20 AM I've wondered for a while if .E could have been part of a coup attempt (either within Conficker's authors or external) which could explain the relatively small number of .E infections compared with reported statistics on other variants.
With a self destruct feature it could even be some 'white-hats' got control for research and are now releasing the infected machines. Would love to see some analysis if this is the case. Or Don may have the right idea; Viral (literally) by Microsoft? Conficker appeared after the patch so MS definitely know about the vuln before exploit.... I love a good conspiracy theory, and Conficker is turning into a geeky soap-opera :D Title: Re: Conficker.E to self-destruct on May 5th? Post by: timmedin on April 27, 2009, 10:32:53 AM Actually I think I do... Isn't that the same date that MS leaked that it would make the RC of Windows 7 available to the general public? Hmmmm... Don Are you saying the Windows 7 = Conficker.f? ;) Title: Re: Conficker.E to self-destruct on May 5th? Post by: timmedin on April 27, 2009, 10:37:07 AM I've wondered for a while if .E could have been part of a coup attempt (either within Conficker's authors or external) which could explain the relatively small number of .E infections compared with reported statistics on other variants. With a self destruct feature it could even be some 'white-hats' got control for research and are now releasing the infected machines. Would love to see some analysis if this is the case. I wonder if it is "test" of what is to come. I have heard that the malware developers are usually separate from the controllers. If the developers gave the controllers a "demo" of their latest version then this would make sense.
Powered by SMF 1.1.18 |
SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com |