Software: Conficker, Downadup, Kido
Jump to navigation
Jump to search
| Conficker, Downadup, Kido | |
|---|---|
| Software | |
| ID | S0012 |
| Aliases | Conficker, Downadup, Kido |
| Type | Malware |
Conficker is a computer worm that targets Microsoft Windows and was first detected in November 2008. It targets a vulnerability (MS08-067) in Windows OS software and dictionary attacks on administrator passwords to propagate while forming a botnet. Conficker made its way onto computers and removable disk drives in a nuclear power plant.1
Associated Software Descriptions
Techniques Used
- Loss of Availability - A Conficker infection at a nuclear power plant forced the facility to temporarily shutdown.1
- Replication Through Removable Media - Conficker exploits Windows drive shares. Once it has infected a computer, Conficker automatically copies itself to all visible open drive shares on other computers inside the network.2 Nuclear power plant officials suspect someone brought in Conficker by accident on a USB thumb drive, either from home or computers found in the power plant's facility.1
- Loss of Productivity and Revenue - A Conficker infection at a nuclear power plant forced the facility to shutdown and go through security procedures involved with such events, with its staff scanning computer systems and going through all the regular checks and motions before putting the plant back into production.1
References
