
Wednesday, September 30, 2009

What Is Conficker Waiting For?



The world wide web is under attack.  There are two distinct ways we can fight back.  Our chances to win are SLIM and None.  Your Choice. You can choose between what is pictured on the left or you can choose what is pictured on the right.  It's your World Wide Web, ask your financial institution to put a SLIM into your hand and you will eliminate the environment in which the attackers flourish...



The PIN Payments Blog has spent a lot of time on Zeus and Clampi, two bank Trojans. However, Conficker was making news before anyone had heard of either Zeus or Clampi, and has been for almost a year (really just noise, because nobody knows what it's going to do).



Conficker is analogous to having extremely large UFOs appear and then simply hover over every major metropolitan city in the world. There's really nothing we can do. It may simply be the mother ship for Clampi and Zeus, which have been sent down to explore how to perpetrate the most damage.



According to PandaLabs, 60% of computers worldwide are now infected with malware. There is a list of 4500 financial institutions that, when visited, alert the bank Trojans to steal log-in credentials. So what do we do?



Well, in War of the Worlds, it was the environment that killed the threat. The environment we are using (typing) is allowing the threat to "flourish"...



There are two environments enabling all threats:

1. The Browser. (Solution: conduct financial transactions "outside" the browser with a separate machine such as HomeATM's SLIM.)
2. "Card Not Present" Fraud. (Solution: eliminate the CNP environment by swiping instead of typing.)

Therefore, it only makes sense that if we want to save the World (Wide Web) from being taken over by hackers, we need to change the environment into one where they cannot survive.



How do we do that? We eliminate typing and we start "swiping"...they cannot swipe what they cannot see. With a 2FA, 3DES DUKPT, E2EE, PCI 2.x Certified PIN Entry Device, they would need to put a camera in every home in order to steal our cardholder data.



And guess what.  That is NOT gonna happen. In the meantime, we can only watch in horror as it gets worse...and worse it will get.



Here's a clip from an article written by KJH at Dark Reading about Conficker:




Conficker Showdown: No End In Sight

Reinfected machines likely part of the 5.5 to 6 million-strong Conficker headcount





Sep 29, 2009 | 04:44 PM By Kelly Jackson Higgins - DarkReading





Security researchers have picked it apart, vendors have banded together to fight it, and most users have at least heard of it after it made the mainstream media for a possible April 1 activation that never happened -- but the Conficker worm just won't go away. Its bot count has remained steady at around 6 million machines since this summer. And no one really knows what its operators have in store for all of that firepower.



"We continue to see infection rates at a very high level, especially for the A and B variants [of Conficker]," says Andre DiMino, director of the Shadowserver Foundation, which tracks Conficker infections for the Conficker Working Group. "We've done a good job at getting a grasp on Conficker itself and its architecture, and have also had great response from groups within the Conficker Working Group. Now we just need to be a little more aggressive in remediation and with more awareness to really make a concerted effort to get this thing cleaned up."



What concerns security researchers is that despite all of the resources and attention being poured into eradicating Conficker -- Microsoft even offers a $250,000 bounty to catch the people behind the worm -- infections just keep coming worldwide. "It continues to be a giant engine idling, and we wait and see what they're going to do with it," DiMino says.


