We have been working to track conficker’s dns queries in order to identify infected machines/network with conficker.c. Tracking a 50K DNS names and 500++ queries from each conficker is a bit troublesome when u have to record all the DNS queries (200M records/day) and compare it with 50K/day conficker.c domain names.:). The main idea of […]
Conficker: The other not so famous Variant A
There are lot more discussions are going on for Conficker variant C (ConfickerC) due to 1st April. Why 1st april?. The 1st april is the day ConfickerC should call home for updates. The domain name generator algorithm used by ConfickerC is making blocking or detecting live ConfickerC update servers is becoming harder when it will […]