Private key crucial to tracking Conficker creators

By

Malware still infecting machines.

A private key used to sign encrypted updates for Conficker was crucial missing evidence needed to track the creators of the malware.

Private key crucial to tracking Conficker creators

The dedicated Conficker Working Group continued to hunt the creators of the malware while the worm was still actively infecting users.

Conficker Working Group member and researcher Jose Nazario said it was difficult to track the Conficker creators because they had abandoned the botnet, leaving researchers with a lack of leads.

“Well, we sort of won in that regard. They had to walk away from it. On the other hand, if they're not interacting with it, there's no more evidence coming in," Nazario told PCAdvisor.

“It feels like a stalemate. It feels like we're kind of in a holding pattern but there's still effort that goes into it.”

The working group was still interacting with sinkhole operators, top-level domain operators and ICANN, while the malware remained on autopilot  taking advantage of vulnerable computers and proving to be a long-term nuisance.

Stonesoft chief information security officer Joona Airamoof said Conficker was well designed.

"With the collateral damage being far greater than what the creator may have intended, it could have been an attack gone wild – even more reason for someone to not what to come forward.”

Microsoft announced a US$250,000 reward for information that resulted in the arrest and conviction of those responsible for the Conficker malware in 2009.

This article originally appeared at scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, UK edition
Tags:

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

International Criminal Court hit by cyber attack

Ex-student charged over Western Sydney University cyberattacks

Ex-student charged over Western Sydney University cyberattacks

Log In

  |  Forgot your password?