Dan Kaminsky Collaborates with Honeynet Project to Mitigate Threat from Conficker Worm

Honeynet Project brings in IOActive's Director of Penetration Testing to help research threat and develop a scanning tool to easily detect the Conficker Worm

Seattle, Wash—March 31, 2009. IOActive, a leading provider of application and smart grid security services, and The Honeynet Project, a non-profit security research group, today announced the release of a scanning tool designed to detect machines infected with the Conficker Worm. Based on research from The Honeynet Project's Felix Leder and Tillmann Werner, the team developed a tool to identify this widely-anticipated threat. The tool is now publicly available for download and is being integrated into most vulnerability scanning tools including Tenable Nessus, McAfee, nCircle, and the widely popular, Open Source nMap.

Set to trigger on April 1, 2009, some are speculating that Conficker could be the deadliest virus to hit the Internet in years, but the reality is that nobody knows what the obviously skilled, responsive hackers behind the worm intend. However with proper containment, the threat of damage can be drastically reduced. "I was thrilled to be asked by the Honeynet Project to help in their research, designed to inform and respond to a genuinely adaptive threat. Through their hard work we have enabled much better visibility and put significant control in the hands of the security community," said Dan Kaminsky, Director of Penetration Testing at IOActive.

In conjunction with the scanner, the Honeynet Project—along with the support of IOActive's Dan Kaminsky and the entire Conficker Working Group—have done a tremendous amount of outreach to actively engage with a wide section of the operation security and research communities, ensuring that as many organizations as possible can immediately improve their network security for zero cost.

"We want to thank IOActive's Dan Kaminsky for his support and valuable insight in the final stages of this critical project," said Lance Spitzner of The Honeynet Project. "This last weekend is an excellent example of the rapid progress that can be made when motivated researchers come together for the common good. It has been a pleasure to be part of this joint community effort against Conficker and we look forward to having the opportunity to be involved in similar initiatives in the future."

Through their research, the Honeynet Project's Werner and Leder discovered that Conficker changes how Windows appears on the network. Kaminsky, Werner, and Leder realized quickly that these changes would allow Confickerinfected nodes to be detected remotely, anonymously, and quickly. The scanning tool enables people to easily and safely identify whether machines on their network are infected with the worm. It will help people contain the problem, reducing risk and potential damage.

The Honeynet Project's "Know Your Enemy: Containing Conficker" white paper and the supporting tools for detection, disinfection and vaccination against Conficker are available at . Further information about the Conficker Working Group and the work they've performed over the last few months is available at www.confickerworkinggroup.org.

About Honeynet Project

Founded in 1999, The Honeynet Project is an international, non-profit (501c3) research organization dedicated to improving the security of the Internet at no cost to the public. With chapters around the world, our volunteers are firmly committed to the ideals of Open Source. Our goal, simply put, is to make a difference and we accomplish this through raising awareness of threats and vulnerabilities, sharing information through our "Know Your Enemy" program and developing tools to counter cyber threats. To learn more about research and volunteer opportunities, please visit .

About IOActive

IOActive is an industry leader that offers comprehensive security services including software assurance, smart grid security, infrastructure audits, training, incident response, PCI compliance, and risk management. IOActive has attracted many well-known security experts including Dan Kaminsky, Jason Larsen, Steve Wozniak, Mike Davis, and Ilja van Sprundel. More information is available at www.ioactive.com.

-###-