Cloud Security: Internet Virus Conficker’s grand plan — VaaS or better yet Virus as a Service?

This will seriously wake up the security community.

There is increasing suspicion that Conficker will ultimately turn out to be a computing-for-hire scheme, imitating the hottest trend in the industry, known as cloud computing, in which companies such as Microsoft and Amazon sell computing as a service over the Internet.

Security researchers say prior botnets were designed to be split up and rented via black market schemes common in the Internet underground.

The Conficker program is created so that once it infects a computer, it can be programmed remotely by software to serve as a system for distributing spam or other malware.

Many who have analyzed various versions of the program said Conficker’s authors were obviously tracking efforts to restrict the program, and had consistently shown that their skills were at the leading edge of computer technology.

For instance, Conficker had already gone through several versions when the alliance seized control of 250 Internet domain names the system was planning to use to send instructions to millions of infected computers.

A short time later during the first week of March, Conficker C, the fourth known version of the code, extended the number of the sites it could use to 50,000. The move made it virtually impossible to stop Conficker’s creator from communicating with their botnet.

“It’s worth noting that these are folks who are taking this seriously and not making many mistakes,” Jose Nazario, a member of the international security group and a researcher at Lexington, Mass-based Arbor Networks, which provides tools for monitoring network performance.

“They’re going for broke,” he told the New York Times.

Source

No related posts.

Comments

Leave a comment