Tech Time Warp: Conficker - The worm that keeps on coming back

Posted by Lauren Beliveau on Nov 25, 2016 9:36:00 AM

matrix-1799650_640.jpgYou might think you’re in a recurring nightmare because this malware keeps coming back year after year — and continues to pop up in new and unexpected ways. On Monday, the Conficker virus turned eight. With its constant modifications and more than 190 million Microsoft Windows computers and 11 million IoT devices infected so far, this malware continues to haunt most IT service providers.

The beginning of the end

In the beginning, Conficker targeted Microsoft Windows users. The malware was known for cracking passwords, taking over computers, and turning them into botnets— and trying to get users to download scareware, which is a malicious program designed to trick users into buying dangerous software. It then can spread to USB drives, computers connected to a network that share weak passwords, or computers that haven’t installed the latest software updates. Since it was introduced, the code has undergone numerous changes that allow this malware to continue to pop up. In the past few years, thanks to the rapid growth of IoT devices, we are also starting to see more devices infected by this chaotic worm. In fact, Conficker is responsible for 17 percent of malware attacks worldwide.

Today, many legacy systems are still plagued with Conficker—and it has even been nicknamed as the cockroach of the Internet. Outdated Windows operating systems and legacy computers just aren’t able to get rid of this virus. Compared to ransomware strains, the Conficker virus remains a low priority threat despite its continued attack on companies. Once they’re infected, legacy systems and the connected networks are at the mercy of the virus until the hardware eventually fails.

IoT starts to see more attacks

As more IoT devices pop up in the marketplace, the chances of the Conficker virus turning them into a botnet increases. In the past year, Conficker has been found on police body cameras and has been responsible for multiple hospital IoT device attacks. Medical devices included MRI machines, CT scanners, and dialysis machines. What makes it scarier is that because Conficker is considered an “ancient vulnerability” it was able to steal patients’ records without being detected, and once a network is infected, the virus can spread from device to device.

Unfortunately, many Internet of Things devices aren’t programmed to protect against security threats, which creates a major security problem. The only way to protect yourself is to strengthen your network as much as possible. 

Intronis blog

Topics: Tech Time Warp

Which Data Loss Gremlin Is Targeting You
MSP Health Check
MSP Phishing Quiz
Intronis Local Lunches
MSP Marketing Assessment