Conficker infections dropped for one day

Remember Conficker? The worm that attacks a lot of organizations, from the UK Parliament to Waikato DHB network? The worm for which Microsoft offers a $250,000 reward to find out the identities of the cybercriminals behind it?

According to the Shadowserver Foundation datasets, about a million of unique IP addresses showing clear signs of Conficker infection have suddenly vanished. This suddenly decreasing process took place in the last day of December 2009. Although December, 29^th, there were 6.5 millions of infected computers, 2010, January, 1^st, the number dropped to 5.3 millions.

This event cannot be explained yet and more investigations have to take place, but the "miracle" was just for one day. January, 2^nd, the number of infections jumped again to 5.6 million computers.

Although the number of infection decreased, Conficker remains a significant threat for the IT environment, its main purpose being to compromise as many machines as possible by exploiting vulnerability in Microsoft Windows RPC Server Service, such as the Automatic Update, Security Center, Windows Defender and Windows Error Reporting.

To avoid becoming a victim of Conficker, make sure that you:

• Check with your operating system provider on a regular basis - download and install the latest security updates, malware removal tools, as well as other patches or fixes
• Update your antimalware, firewall and spam filter as frequent as possible, with the latest virus definitions and suspicious applications/files signatures
• Scan your system frequently
• Stay informed about e-threats and security breaches

More information about Conficker can be found here.