Timeline: A year of the Conficker worm


As Microsoft highlighted in its most recent security report, worms have been one of the biggest security threats of 2009, and the Conficker worm has been the main driver for this.

Security firm Trend Micro says the worm is now one year old, so we've rounded up some of the biggest events that have occurred in its short life.

January 2009: The worm, also known as Kido or Downadup, was seen in the wild in various forms since late 2008, but now it really started to make a big impact. The worm spread to infect 3.5 million Windows PCsi, but then quickly rose to over nine million.

February 2009: The worm became so serious that Microsoft put $250,000 of its own money up for information on the gang that was responsible for creating the worm.

One of the big problems with Conficker was that it was so adaptable. This was illustrated when researchers published details of a new variant of the most serious Conficker B strain.

Then, Conficker spread its way through hospital PCs in Sheffield, the Ministry of Defence, the House of Commons, cost one council 1 million, and caused another to allow thousands of drivers to escape traffic fines.

April 2009: The security world waited with baited breath as Conficker looked to change operations and contact domains, presumably for new instructions. The deadline came and went and nothing much happened.

Conficker tried to establish a link, but experts didn't see any new instructions.

Eight days later, security researchers discovered that a Conficker had updated through a dropper', and had started talking to servers connected to another botnet, Waledec.

The owners of Conficker and Waledac had decided to collaborate, and Conficker was now a distributor of Waledac as well as scareware.

September 2009: Security firm BitDefender claimed that Conficker was re-emerging as a threat.

October 2009: Oxford Brooks University suffers an attack which forces it to close systems.

But as the head of the Conficker Working Group stated in an interview with IT PRO, this could be the tip of a very big iceberg as most companies do not talk about being hit by a Conficker attack