Old IOT Malware Comeback

An old IOT Malware called Conficker which has made a comeback in the year 2020. This IOT Malware was first discovered in the year 2008 that has exploited the bug that found within Windows XP and older Microsoft Operating System that spread to any machines that were vulnerable to it.

The way of spreading itself by binding into a botnet and it could be dangerous to the other machine within the networking. During the period of discovering the malware, an estimated 15 Millions of computers have been affected by Conficker and remain an active threat since then.

Source: UPDATE April Fools? CONFICKER VIRUS set to strike April 1 2009

The video shown above is achieved about the Conficker virus that been strike around 1 April 2009.

Moving forward, the IoT Malware have increased their victim from 400,000 to 500,000 machine where it was thanks to an unsupported and outdated version of Windows.

May Wang, Senior Distinguished Engineer at Palo Alto Networks and former Zingbox CTO have told to Zdnet as follows:

We observed anomalous network traffic such as excessive Server Message Block (SMB) traffic, Domain Generation Algorithms (DGA) being used by the infected devices, as well as specific patterns in Conficker shellcode execution attempts

In the year 2020, Conficker malware has affected Medical machines such as a mammography machine, a digital imaging unit, a radiology machine and others. As a result, Hospital staff have tried to recover from the infection by restarting the machine but the malware did re-infected the machine one again after the machine has fully operated.

The user and System Administrator will need to update their computer operating system and they also need to disable the SMB service within the Operating System. Besides that, they will need to monitor any update and patches that available in the wild to ensure the machine is secure from the malware.

Source: How poor IoT security is allowing this 12-year-old malware to make a comeback, UPDATE April Fools? CONFICKER VIRUS set to strike April 1, 2009

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *