Conficker.B/Downadup.B/Kido: F-Secure publishes details pertaining to their counting methodology of compromised machines

Published: 2009-01-16
Last Updated: 2009-01-16 21:21:34 UTC
by G. N. White (Version: 1)
0 comment(s)

Some of our readers have pointed out that more media attention is being given to the rather alarming and large number of compromised machines that have been tallied by F-Secure in their "Weblog:  News from the Lab" site.

For example CNN have picked up on the story here:


If you now turn your attention to the latest entry on the F-Secure website, you will now be able to read about their finer details of how they are producing their tally:


In summary it is a combination of the "q=" value from the GET call, - combined with an assessment of unique IP addresses being tracked over time, that yeilds their final tally.  I would encourage you to read their fine details as per the link above.

G.N. White

Handler on Duty (Happy Friday!)


0 comment(s)


Diary Archives