| |
According to security experts, Conflicker has affected more than 7 million computers worldwide. It is itself a dubious milestone in virus history. The virus was first noticed in November 2008 and since then infecting more PCs. Conflicker was significantly resilient and skilful at re-infecting systems even after being removed.
This statistics was given by the volunteer-run Shadowserver Foundation, which had logged in from more than 7 million unique IP addresses and saw that everyone got infected with the same virus.
The experts tracked the infection by cracking the algorithm the worm uses to look for instructions on the Internet and placing their own ‘sinkhole’ servers on the Internet domains it is programmed to visit.
Sinkholes are used to provide information on the number of systems that are infected by the virus.
Andre DiMino, co-founder of The Shadowserver said, “The trend is definitely increasing and breaking 7 million is pretty much of a landmark event."
Since the start of the infection, the countries like China and Brazil are working out strategies to deal with the infection through the Conficker Working Group. The PC users cannot heal the virus through the Microsoft's Malicious Software Removal Tool because most of the infected PCs run with the bootlegged copies of Microsoft Windows.
Though Conflicker story is going on, yet it’s a surprise fact that it has not been highlighted by the Conficker's author.
"The only thing I can guess at is the person who created this is scared," said Eric Sites, a member of the working group.
He also said, "This thing has cost so many companies and people money to get fixed, if they ever find the guys who did this, they're going away for a long time."
A computer is learnt to be infected by the Conflicker when a user is suddenly unable to log in to a computer. It happens as infected machines try to connect to other computers on the network and guess their passwords. It fails when it is learnt that they are eventually locked out of the network.
Experts fear that it could be hazardous if it were to be used for a distributed denial of service attack.
"This is certainly a botnet that could be weaponized," DeMino said.
"When you have a net of this magnitude, the sky's the limit in terms of what could be done," he added.
