Conficker FTW

Listen, I’m not going to pretend to understand any of this Conficker business. But the folks over at Gizmodo do, and they’re basically saying the following: hold on to your effin’ hat.

“And here’s why that is deeply, deeply scary. As we explained, Conficker has built a zombie botnet infrastructure by registering hundreds of spam DNS names (, and the like), which it then links up and uses as nodes for infected machines to contact for instructions. In its earlier forms, Conficker attempted to register 250 such DNS names per day. But with the third version of the software, the Conficker.c variant which has been floating around for the last month or so, the number of spam DNS takeovers was boosted to 50,000 per day–a number security pros can no longer keep up with.

What the April 1 update did was simple: It provided instructions for linking up with the thousands, perhaps tens of thousands of new nodes registered by Conficker.c over the last few weeks, effectively growing the size of the p2p botnet to a point where it can not be stopped.”



15 responses to “Conficker FTW”

  1. Chris says:


  2. Gadfly says:

    Or any Mac.

  3. Zac Crain says:

    @Chris: I’m not so concerned about my computer. Use a Mac here and at home. But what of the Internet, which is what this seems designed to kick in the jeans?


    Sorry. Got a little emotional.

  4. VM says:

    Just hope and pray it isn’t as big and bad as Y2K was. Remember how all the computers everywhere went haywire and the world as we knew it ended. It was awesome.

  5. Zac Crain says:

    @VM: Point taken.

  6. Jb says:

    “By the time Skynet became self-aware it had spread into millions of computer servers across the planet. Ordinary computers in office buildings, dorm rooms; everywhere. It was software; in cyberspace. There was no system core; it could not be shutdown. The attack began at 6:18 PM, just as he said it would. Judgment Day, the day the human race was almost destroyed by the weapons they’d built to protect themselves. I should have realized it was never our destiny to stop Judgment Day, it was merely to survive it, together. The Terminator knew; he tried to tell us, but I didn’t want to hear it. Maybe the future has been written. I don’t know; all I know is what the Terminator taught me; never stop fighting. And I never will. The battle has just begun.” – John Connor

  7. Chris Chris says:

    Anybody else say “Cornflicker” in their head whenever they read “Conficker”? No? Just me? Damn.

  8. Idunno says:

    Go here for information. If you can’t get to this page or subsequently Windows’ updates page, you’ve got it. The patch can be e-mailed to you.

  9. Jb says:

    I’m still not believing it. If it takes this much time to do anything then it can be stopped, which makes the idea of creating such a slow working worm pretty futile and the creator would know that. Something devastating in the cyberworld would have to hit instantly where nobody would have time to figure out the ‘antidote’ which even Microsoft apparently has done. This is a ruse or one big marketing ploy set up by the all powerful “Software Anti-Virus Association of America.”

  10. Stephanie says:

    Chris, I read Cornflicker. Close.

  11. Puddin'Tane says:

    Did anyone ever say where the point of origin is? Normally stuff like this can be traced to the host country but I haven’t seen anything about it.

  12. David Lightman(Broderick) says:

    Has anyone tried playing Tic Tac Toe to solve this problem.

  13. JimS says:

    The p2p Conficker botnet is too big to fail.

  14. Dallasite says:

    Conficker is so big that it has its own Facebook page now.

  15. Eddie says:

    This article is misleading and inaccurate in many ways.
    First, the patch hasn’t been out a month. It’s been out 6 months. (released October 23rd). If you’re not patched, you’re asking for trouble.
    Also there was no ability to “push updates through any fences”. All it did was “Pull” updates on already infected machines just like a regular user would request a webpage.

    It’s detectable and cleanable if you have any kind of antivirus, so it’s doubtful it will exist in any great numbers as time goes on and will lose its ability to infect machines as they get updated.

    It has little impact on home users. Most of the trouble has been companies with many unpatched machines and once it’s in your environment patching after the fact doesn’t completely prevent the spread (if you log into an infected machine with domain credentials it can spread to other machines you have permissions to even if they are patched).

    So if you’re not in your company’s IT department, relax. If you are, you should make sure you read the Microsoft guidance to protect your network.