The inside story of the Conficker worm - tech - 12 June 2009 - New Scientist

Six days after the 1 April deadline, Conficker's authors let loose a new version of the worm via P2P. With no central release point to target, security experts had no means of stopping it spreading through the worm's network. The URL scam seems to have been little more than a wonderful way to waste the anti-hackers' time and resources. "They said: you'll have to look at 50,000 domains. But they never intended to use them," says Joe Stewart of SecureWorks in Atlanta, Georgia. "They used peer-to-peer instead. They misdirected us."