After having covered Melissa.A, Friday the 13th, Blaster and ILoveYou, it’s time to take a look at Conficker.C, a worm that emerged in October 2008 and spread by exploiting a Windows Server Service vulnerability (MS08-067) that allowed attackers to run arbitrary code remotely.
Conficker.C was difficult to recognize, as it did not display any messages or warnings that alerted to its presence on the affected computer. Then, if the system date was after January 1, 2009, it tried to connect to a certain website in order to download and run another malware specimen on the affected computer.
Its payload included notably reducing the protection level of the computer, as it prevented the user and the computer from connecting to a number of websites related to antivirus companies and products. Additionally, it took advantage of weak passwords to access user accounts on infected computers and modify their security policies.
How to protect yourself from Conficker.C
At Panda Security we’d like to offer you a series of tips to help protect yourself from this threat:
- Apply the security update associated with the MS08-067 vulnerability.
- Keep your antivirus updated. If automatic updates are available, configure your antivirus to use them.
- Keep your permanent antivirus protection enabled at all times.