Conficker (a.k.a. Downup, Downadup or Kido) is a notorious computer worm which was first detected in November 2008. It targeted port 445 of the Windows XP operating system, trying to pull computers into its botnet. Although efforts have been made to stop it, this worm is still on the loose among older vulnerable systems. Perhaps the greatest threat to it is obsolescence, since it cannot infect the newer patched Windows systems, Linux systems, or the Mac OS.
Botnets, especially ones of the magnitude Conficker achieved, are normally used as much as possible, with the operator giving them one task after another to perform. In time, a botnet will break down or be stopped, so it is used while this is still possible. However, the Conficker botnet was used very little, other than for a brief time sending spam e-mails. For most of its existence, it idled, waiting for instructions. Even so, the "bot master" (the person or persons who created the worm and controlled the network) did work to keep it functional.

Security experts began blocking the bot master as best they could by registering the web domains needed to communicate with the network. To provide instructions to the botnet, the bot master would have needed to register a predefined domain himself, and the experts did what they could to stop this. However, the bot master managed to get through and update the worm so that it would check even more domains. This made the work harder for the security professionals, but they still managed to do fairly well. Because of this, a third update was released, making it nearly impossible for so small a group to register all of the domains in time. Once again unencumbered, the botnet is still not known to have done much. Since it relied on a vulnerability in Windows XP, the botnet has mostly failed since then.
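Because the domains are predefined, defenders can compute the same list the worm will check, match it against DNS logs to find infected hosts, and measure how much of it they failed to register. The sketch below is an added example, not part of the original article: the generator is a toy stand-in (not Conficker's algorithm), and the TLDs, date, list sizes, addresses and log lines are all constructed.

```python
import hashlib
from datetime import date

TLDS = ["com", "net", "org", "info", "biz"]  # constructed list for this example

def candidate_domains(day, count):
    """Toy date-seeded generator; NOT Conficker's real algorithm."""
    names = []
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        length = 8 + digest[0] % 4
        label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
        names.append(f"{label}.{TLDS[digest[15] % len(TLDS)]}")
    return names

def flag_hosts(dns_log, day, count):
    """Map each client IP to the candidate domains it queried on `day`."""
    watch = set(candidate_domains(day, count))
    hits = {}
    for line in dns_log:
        ts, client, qname = line.split()
        qname = qname.rstrip(".").lower()  # normalise case and trailing dot
        if ts.startswith(day.isoformat()) and qname in watch:
            hits.setdefault(client, set()).add(qname)
    return {client: sorted(names) for client, names in hits.items()}

def coverage_gaps(day, count, registered):
    """Candidates the defenders did not register in time."""
    return [d for d in candidate_domains(day, count) if d not in registered]

DAY = date(2009, 1, 15)            # constructed date
TODAY = candidate_domains(DAY, 250)
SAMPLE_LOG = [                     # constructed DNS query log: time, client, name
    f"2009-01-15T08:00:01 10.0.0.5 {TODAY[3]}",
    f"2009-01-15T08:00:02 10.0.0.5 {TODAY[41].upper()}.",
    "2009-01-15T08:00:03 10.0.0.7 www.example.com",
    f"2009-01-14T23:59:59 10.0.0.9 {TODAY[3]}",
]

if __name__ == "__main__":
    print(flag_hosts(SAMPLE_LOG, DAY, 250))
    budget = set(TODAY)            # defenders can register 250 names per day
    for size in (250, 50000):      # list sizes chosen for illustration
        print(size, "candidates ->", len(coverage_gaps(DAY, size, budget)), "gaps")
```

With a fixed registration budget, the small list is fully covered while the large one leaves almost every candidate unregistered, which is the effect the third update relied on.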
- In November 2015 (seven years later), the news broke that Conficker was found pre-installed on police body cameras provided by Martel Electronics.
- Worm: The First Digital World War by Mark Bowden