Symantec Admits its Unpreparedness to Handle Conficker Virus Last year
At a conference on security forecast for 2010, Orla Cox, Senior Manager of Symantec, acknowledged that the extremely fast propagation of Conficker had taken the company off guard. She said that Symantec researchers knew that the malware item (Conficker) could potentially exploit the vulnerability, but they thought that people probably knew what to do on the basis of past experiences, as reported by Mxlogic on November 17, 2009.
Cox further said that the researchers realized their mistake when they discovered the slow pace at which some computer users patched known security flaws, as reported by V3 on November 17, 2009.
Actually, it has been observed that Conficker exploits known security flaws in Windows systems for infecting un-patched PCs. After the infection, PCs can be treated in any malicious way, often making it another infected bot for a network of compromised PCs and utilizing it for launching massive spam operations or Distributed Denial of Service (DDoS) assaults.
Moreover, the worm infected huge numbers of computers during the early part of this year (2009) although it did not intend to directly attack them. It was merely a gateway for other malicious software to wage the attacks. However, an outbreak on a large scale that many researchers thought would take place on April 1, 2009 didn't occur at all.
Cox also contended that in 2010, fake antivirus software, also popularly known as rogueware, scareware or ransomware, could evolve to cause a significant change in the security landscape.
She warned that while such software might attain their maximum capacity when users get to know them better, they could also become even more malicious, hence more dangerous.
Indeed, Cox's alert connects with what Senior Analyst Paul Wood at MessageLabs stated - while Conficker was yet to demonstrate its full capability, the worm might serve as a future 'dropper,' initiating other malicious software like fake antivirus programs to find a place on people's systems, as reported by Webuser on November 17, 2009.
» SPAMfighter News - 26-11-2009