Apparently the Conficker Worm has started updating all its clients. Who knows what’s going to happen – but my money’s on, well, a lot of people losing money.
Aside from the real potential for harm that Conficker represents, I’m fascinated by this thing: at how it’s been able to evade the finest AV writers, how it’s been able to propagate so quickly, and the techniques that have been used to develop it.
In a way, the way that Conficker has been developed could almost win the team behind it the ‘Development Team of the Year’ prize before, of course, they’re all clapped in irons – for the way in which they have reacted so quickly to weaknesses in their code, and the speed with which they have adopted cutting-edge technology – such as the still-moist MD6 (and indeed rolled out bug-fixes to fundamental flaws in its design).
For a really in-depth look at Conficker, its code, how it’s been protected against reverse engineering and hijacking, head over to the Analysis of Conficker C at the Malware Threat Center at SRI – the analysis they’ve performed on the Conficker Worm, and all its variants, is truly enlightening and in some cases can provide a lesson to us all in how to protect our own software.
Dark days ahead? Possibly – but in a way it’s quite exciting too!