Historic Hacks: The Conficker Worm
In 2008, a worm began infecting computers one at a time. While it may not have wrought the level of damage seen by some malware, The Conficker Hack meets our Historic Hack standards due to its endurance and tenacity. So in today’s installment of Historic Hacks, we will review the Conficker Worm and its replicating, shape-shifting, ability to wreak havoc.
The Conficker Hack
According to John McAfee, “The Conficker hack, first perpetrated in 2008, has not done the damage that more recent hacks have achieved, but it is notable in that it refuses to die. It is still replicating itself from one machine to another, turning each one into a zombie bot or into a keylogger that steals credit card information.”
Millions of Windows devices were exploited as the Conficker worm began corrupting files and installing keyloggers. It is notorious for being one of the most pervasive malware attempts of all time, and can still be found in computers to this day.
Aryeh Goretsky once called the Conficker worm “the worm that roared”, and which has continued roaring since 21 November 2008. Conficker was created to target Windows, and from there it “spawned numerous versions, each promising different attack methods (from injecting malicious code to phishing emails and copying itself to the ADMIN part of a Windows machine),” according to WeLiveSecurity.com.
Microsoft has issued security patches to secure systems. However, some systems manage to go without updating for much longer than is safe. Once Windows devices are corrupted, however, they become botnets that are then used to distribute spam, engage in DDoS attacks are install scareware.
15 million customers served
Experts estimate that 11 million systems have been hacked since the onset of Conficker. Hacks include governments, businesses, military operations, and more besides. Headlines in 2008 read that not even the UK’s Ministry of Defense could avoid becoming a Conficker victim. Clean-up efforts cost the British government £1.4 million in 2009.
After the UK attack, French aircraft were grounded due to the computer system’s inability to download flight plans because of the Conficker worm. Microsoft issued a $250,000 reward to anyone with information that might lead to the arrest of the launching the malicious code on the internet. However, the reward has never been paid according to public knowledge.
George Stathakopoulos from Microsoft’s Trustworthy Computing Group wrote that “The Conficker worm is a criminal attack. People who write this malware have to be held accountable.” He continues, “Our message is very clear – whoever wrote this caused significant pain to our customers and we are sending a message that we will do everything we can to help with your arrest.”
While the worm’s creators were never found, the malicious attack did force governments and agencies to create procedures to be used in the event of an attack. Security protocols grew exponentially during this timeframe leading to the verifications, scanning, and encryption used today.