Plateau Internet Tech Support Bulletin
The Conficker Worm is scheduled for activation on April
1, 2009. To protect your computer please read the following
bulletin and take the necessary action as soon as possible.
Below is a list of resources, in no particular order, to help
you avoid infection. Be aware that Plateau Internet does not
recommend or support these resources, but offers them as an
informational resource.
Thank You,
Plateau Internet Tech Support
Name: Conficker C Worm
Execution Date: April 1, 2009
Threat Level: High
Goal: To generate 50,000 domain names and systematically
attempt to communicate with each infected computer, thereby
becoming the world’s most powerful parallel computer.
Discovery Date: October 2009
Source: Possibly Eastern Europe
Alias: Downadup, Downandup, Kido
Propagation: Spreads by copying itself and exploiting several weaknesses in the
Microsoft Windows operating system.
Operating Systems Vulnerable: Various versions of
Microsoft Windows not patched with Microsoft’s October
security upgrade.
Methodology: The peer-to-peer design allows infected
computers to act as clients and servers, sharing files in both
directions.
Results:
- Copies itself or downloads other malware onto infected computers on April 1, 2009.
- Generates 50,000 web URLs a day, according to Symantec Corp.
- Avoids malware detection.
- Disables various security software, including tools to monitor malware.
- Resets account lockout policies.
- Prevents booting into safe mode.
- Deletes system restore points.
- Slow domain controllers.
- Congested networks.
- Launches an attack against administrator passwords.
Additional information: