Analysis of Conficker

Researchers at SRI International have published a comprehensive breakdown of the deep workings of Conficker, the malware worm. Their analysis reveals that Conficker is 1) a best-of-breed piece of malware that uses cutting edge cryptography 2) pushes the envelope on using the DNS system for “meeting point” style communications 3) implements a sophisticated peer-to-peer command and control structure 4) and works hard to escape detection and prevent its removal.

You can find the SRI analysis at http://mtc.sri.com/Conficker/addendumC/