question about the conficker worm and domain registering


overclucker
04-02-09, 10:14 AM
I keep hearing it registers domains to download its updates. And it's registering 250k a day. When I registered a domain it cost me 10 dollars. Is the conficker worm getting them for free?

gangaskan
04-02-09, 10:19 AM
I keep hearing it registers domains to download its updates. And it's registering 250k a day. When I registered a domain it cost me 10 dollars. Is the conficker worm getting them for free?

If I had any guess, they're using a DDNS service and register your computer name or a unique ID they can use

p.s. it's a hoax :screwy:

this is what conficker is supposedly "doing"

http://en.wikipedia.org/wiki/Conficker

Dice
04-02-09, 10:55 AM
It does not register domains. It generates domain names internally which are then contacted in an effort to update itself. It can generate 50,000 domain names over 110 TLDs and only needs to contact one to update. It does this to protect the "real" domain from being found.

Read more at the Institute of Computer Science: http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/
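
An added example, not part of the original thread: because the names are computed from a seed instead of being registered, a defender who has the generator can compute the same daily list and match it against DNS logs. The generator below is a constructed stand-in (hypothetical TLD list, counts, threshold and log lines), not Conficker's actual algorithm.

```python
import hashlib
from datetime import date

# Constructed stand-in values: NOT Conficker's real algorithm, TLD list or counts.
TLDS = ["com", "net", "org", "info", "biz"]
PER_DAY = 500

def candidate_domains(day, count=PER_DAY, tlds=TLDS):
    """Toy date-seeded generator: the same date yields the same set on any machine."""
    out = set()
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).digest()
        length = 8 + digest[0] % 4  # label of 8 to 11 letters
        label = "".join(chr(ord("a") + b % 26) for b in digest[1:1 + length])
        out.add(f"{label}.{tlds[digest[12] % len(tlds)]}")
    return out

def flag_hosts(dns_log, day, threshold=3):
    """Return {client: matched names} for clients that queried at least
    `threshold` distinct names from that day's candidate set."""
    candidates = candidate_domains(day)
    hits = {}
    for client, qname in dns_log:
        name = qname.lower().rstrip(".")  # normalise case and trailing root dot
        if name in candidates:
            hits.setdefault(client, set()).add(name)
    return {c: sorted(n) for c, n in hits.items() if len(n) >= threshold}

# Constructed sample DNS log as (client IP, queried name) pairs.
DAY = date(2009, 4, 1)
_sample = sorted(candidate_domains(DAY))[:4]
SAMPLE_LOG = (
    [("10.0.0.23", d.upper() + ".") for d in _sample]  # walks the generated list
    + [("10.0.0.7", "en.wikipedia.org"), ("10.0.0.7", _sample[0])]  # one stray hit
    + [("10.0.0.9", "example.com")]  # ordinary traffic
)

if __name__ == "__main__":
    for host, names in flag_hosts(SAMPLE_LOG, DAY).items():
        print(host, "queried", len(names), "generated names:", names)
```

The threshold keeps a single coincidental lookup from flagging a host; only a client that walks several names from the day's list is reported.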

CGR
04-02-09, 11:00 AM
I have a theory about conficker.

My theory is some hacking group wanted to use it to make money, as many security experts have said already, the problem is that it has grown way past what the original hackers wanted and it has gotten so much media attention that they are afraid to actually use it now.

gangaskan
04-02-09, 11:02 AM
I have a theory about conficker.

My theory is some hacking group wanted to use it to make money, as many security experts have said already, the problem is that it has grown way past what the original hackers wanted and it has gotten so much media attention that they are afraid to actually use it now.


or that it is dormant and the group will execute remote code during a time where nobody will expect it.

there are tons of theories out right now :P

Dice
04-02-09, 11:04 AM
I have a theory about conficker.

My theory is some hacking group wanted to use it to make money, as many security experts have said already, the problem is that it has grown way past what the original hackers wanted and it has gotten so much media attention that they are afraid to actually use it now.


This is a decent theory. I hope you are correct. With an estimated 9-15 million infected nodes, this botnet could cause some real harm. I keep reading about more and more governments whose critical systems are catching it. I hope you are right.

CGR
04-02-09, 11:13 AM
or that it is dormant and the group will execute remote code during a time where nobody will expect it.

there are tons of theories out right now :P

We all know it's dormant, but I doubt we will reach a point of not expecting it. I think we will be expecting it to hit at any time, for a long time :)

I bet if MS upped the bounty to a few mill, then it would be more likely they would find the culprit..

gangaskan
04-02-09, 11:27 AM
We all know it's dormant, but I doubt we will reach a point of not expecting it. I think we will be expecting it to hit at any time, for a long time :)

I bet if MS upped the bounty to a few mill, then it would be more likely they would find the culprit..

for sure :) people will do anything for $ lol.


on a side note, NMAP and Nessus scan for the exploit.