The much-hyped Conficker botnet has passed its 1 April update mark without causing any major incidents. Researchers said on Wednesday that, although infected machines did appear to contact an update server, no other activity stemming from the infections has been reported."We had several readers contact us over the past 24 hours with some minor impact, but so far no reports of anything newsworthy," said Sans Institute researcher Marcus Sachs in a blog post.
"Many organisations have been proactive about scanning their systems and finding either unpatched or Conficker-infected computers that were subsequently removed for repair."
The day provides a rather anti-climactic conclusion to what some had predicted would be a major computing crisis. When news emerged that machines infected with the Conficker.C worm would be connecting to a control server on 1 April, many speculated on a possible attack.
The speculation gathered steam when large news outlets picked up the story and some pundits predicted that the update could trigger a catastrophic series of attacks.
Those charged with researching and analysing the worm, however, suggested that the update was likely to be a non-event. Experts noted that the criminals who owned and operated the botnet would not want to risk losing the valuable network by triggering a major attack.
"Setting an attack to happen in the future, and leaving the specifics of that attack in plain sight, mostly serves to give everyone a chance to prepare for the attack and defend against it," said 451 Group analyst Paul Roberts in a blog post.
"It's kind of like those hopelessly complex executions in the James Bond films. Why tie the guy to the table then wait 30 minutes for the laser to cut him up? If you want Bond dead, just shoot him in the head and be done with it?"
No comments:
Post a Comment