Conficker Continues to Create Mayhem

ShadowServer Foundation, a non-profit organization that tracks global botnet infections unearthed a revamped statistics page. The results showed that the three main Conficker variants (A, B & C) have become widespread and their magnitude to infect machines around the world is very high. Conficker has piled up a botnet of over 6.5 Million infected computers worldwide.

According to ShadowServer's data, Conficker is grouped into two classes. The variants Conficker A and Conficker B of the program are grouped under Conficker A+B. These variants try to propagate automatically. On the other hand, Conficker C that emerged in March 2009 needs to be updated to spread. On the whole, the numbers of Conficker A+B led infections are increasing, while the amount of infections made by Conficker C is falling, as indicated by Internet addresses.

Even though there are a large number of Conficker-infected systems in big countries like China, merely 1% of the country's biggest network's IP space reflects signs of infection. On the other hand, more than 5% of IP space in the large networks of countries like Indonesia, Vietnam and Ukraine points towards the signs of infection.

The organization's data lists country-wise top 500 autonomous system numbers (ASNs), or IP routing groups under a network operator. It also analyzes the amount of infected IP addresses by their network purveyor.

According to this, most infected ASNs are in Russia with 1,075. In the US, there are 604 infected ASNs, and in Ukraine, there are 419 compromised ASNs. AT&T Internet Services in the US has the highest number of unique Conficker A and B variant IP addresses, which is 9,783, BellSouth.net has 9,463, and Verizon Internet Services has 6,701. Meanwhile, Corbina Telecom in Russia has 55,538 such addresses.

These statistics were not inclined to embarrass or shame any organization or company, the only motive was to reveal the extent and depth of how the worm affects a global scope of network providers, said Shadowserver, as reported by The Washington Post on December 16, 2009.

To conclude, although the organization (Shadowserver) remains a member of the Conficker Working Group, the best efforts of the group are yet to come out because the mind behind releasing the Conficker worm continues to spread havoc.

Related article: Conviction of First Felony Spam in Virginia Upheld

» SPAMfighter News - 12/28/2009