…the wanderings

Conficker and the Curious Yellow

I was not planning on writing another post so soon, but Utopiah here has referred a very nice article in his comments to my previous post. If you have not already read Brandon Wiley’s Curious Yellow: The First Coordinated Worm Design, I urge you to read it through.

It hits right on spot about fast distribution through a peer-to-peer network. I used the concept to hypothesize a patch propagation (described as an anti-worm by him).

The paper describes a scenario comparable to a powerful chess game turning the yellow worm to blue and backwards. Probably in recognition of this idea, Conficker uses latest encryption , very likely making a first field implementation of the MD6 algo and its fixes too!. It appears that the Conficker writer is very well versed with this paper and current technology 🙂

Besides the points made by Wiley on that page, there is one more ‘common goal’ such a network can target, and I am sure its already stated somewhere: These compromised systems can be pooled to brute force encryption security.


April 21, 2009 Posted by | security | , , , | Leave a comment