ASProx botnet dials into Conficker domains
Received:: February 4, 2009 | Category:: rorret
The zombie network created by the Conficker worm is yet to go “live”, but it’s displaying curious behaviour that yields potential clues to its origins and purpose.
Compromised Windows PCs are turned into zombie drones, programmed to phone home through a changing (pre-established) list of servers. This behaviour, first analysed by anti-virus firm F-secure, has allowed other security researchers to track the worm’s activities.
The number of unique IPs hitting the sinkhole per day tripled, reaching 12 million by the last day of the study.
via ASProx botnet dials into Conficker domains • The Register.