Conficker.C Pakistani (.PK) Domains

Conficker.A and Conficker.B created around 250 domains per day from which they downloaded the updates or atleast tried to download. Unlikely, Conficker.C creates 50,000 domains per day out of which over 400 are .PK ccTLDs (country code top-level domains) containing only 4-9 characters as compared to 8-11 in Conficker.A and .B.

We have taken out .PK ccTLDs from the list of all domain names, computed by Felix Leder & Tillmann Werner, that Conficker.C will use in April 2009. It’s recommended to sinkhole these domains.

The list of Conficker.C domains for April can be downloaded here.