The evolution of an extraordinary globe-spanning worm

Conficker timeline
2008 - 2009

2008

Aug. 20: The Gimmiv Trojan, which exploited the vulnerability Conficker capitalises on, is first spotted running in a virtual machine on a server in South Korea. Experts speculate this was a a test run prior to it being released in the wild. (Source: BBC)

Sept. Chinese malware brokers are spotted selling a $37 tool kit that allows anyone to exploit this newly-discovered security hole in a component of Windows, called RPC-DCOM, which enables file and print sharing. RPC-DCOM is built into all PCs of Windows XP vintage and earlier, some 800 million machines worldwide

Sept. 29: Gimmiv first seen in the wild infecting a PC in Hanoi, Vietnam. Over the next few weeks it manages to infect 200 more machines in 23 nations - most of which were in Malaysia. Mistakes in the way it is coded limit its ability to spread. (Source: BBC)….More at LastWatchdog.com