Conficker still going strong

From v3’s article ‘Conficker baffles security experts‘:

“The worm has infected more than five million computers in a botnet that is powerful enough to take out the internet in Australia, according to the Sydney Morning Herald.

Rodney Joffe, a director of the Conficker Working Group formed to defeat the worm, said, “The general agreement in the security world is that Conficker is the largest threat facing us from a cyber crime point of view. It has proven to be extremely resilient. It’s almost impossible to remove.”"

We’re still seeing a lot of unprotected computers (primarily laptops) getting infected and spreading that to other unpatched computers. Some weeks ago, several major hospital and counties networks in Sweden got infected and caused havoc requiring partial or complete network shutdown.

If you have an infected network the following sites may prove to be valuable:

Conficker Working Group – Information about Conficker, the botnet it creates and a lot of links to further information and removal tools.
University of Bonn (Germany) – “Containing Conficker” – A bunch of useful tools for identifying, paralyzing and removing infections.

My previous posts on Conficker and MS08-067:

Playing around with Gimmiv.A (MS08-067)
Handling large scale worm infections
Conficker worm growing…
Conficker claiming 9 million victims…