San Francisco, CA (Gawkwire.com) OpenDNS, provider of the award-winning service that makes the Internet safer, faster, smarter and more reliable, today announced it has teamed with leading antivirus company Kaspersky Lab to fight the wide-spread Conficker virus. The effort to fight Conficker uses the newly introduced OpenDNS Botnet Protection feature, which provides network administrators visibility into the networks they operate and sends notification if the Conficker Windows worm has successfully penetrated their network. This insight then gives network administrators the knowledge necessary to disable the worm and prevent it from causing damage. The Conficker virus, also known as Kido and Downadup, surfaced in late 2008 and targets the Microsoft Windows operating system, exploiting a known vulnerability in the Windows Server service used by most versions of Windows.
"For a virus as widespread as Conficker, the ability to quickly and easily see if the virus has penetrated your network is hugely significant when considering as many as 10 million PCs are infected so far, and the damage the virus could potentially do. For the first time, OpenDNS is leveraging its globally distributed DNS network to combat malware," said OpenDNS Founder and CTO David Ulevitch. "The joining of Kaspersky Lab, a world-class antivirus company, and OpenDNS, the leading provider of DNS infrastructure and security services, gives network administrators a significant advantage in the fight against malware and botnets."
"Despite not introducing any technological innovation, the Conflicker/Kido worm is regarded to be one of the most dangerous IT threats at the moment," said Vitaly Kamluk, Head of Antibotnet Research, Kaspersky Lab. "The worm was supposedly propagated via an existing botnet — this shows how dangerous the integration of two different malicious technologies might be. Speed of reaction in such cases is very important. We are open to all the communities and services that may help here. OpenDNS is one of the leading free and secure online services and we are happy that in this joint effort we can protect OpenDNS users as well."
OpenDNS Botnet Protection, as well as its use to fight the Conficker virus, represents a key innovation in the use of the Domain Name System. Conficker, also known as Downadup, uses a set of seemingly random domain names as a meeting place for the virus to exchange data with its author, such as how many new machines each host has brought into the botnet, or details on any code upgrades or attacks the owner wants to take place. These domain names are generated using an algorithm so they change every day, making traditional methods like revoking domain registrations used by botnet authors ineffective.
Kaspersky Lab has taken steps to preemptively predict the domains that will be used in coming days by the virus, and is collaborating with OpenDNS by sharing the predicted domains. OpenDNS Botnet Protection then blocks the domains from resolving inside the OpenDNS service, for all OpenDNS users. Consequently, OpenDNS Botnet Protection prevents the virus from taking part in any further actions at the instruction of the virus author, and effectively prevents the virus from causing additional damage and alerts networking administrators of malware living on their network.