Beware Conficker worm on April 1


Hulk
03-31-2009, 10:31 PM
Beware Conficker worm come April 1

In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.

Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.

Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.

At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.

Microsoft also offers a free online safety scan here (http://onecare.live.com/site/en-us/default.htm), which should be able to detect all Conficker versions.

Source: Yahoo (http://tech.yahoo.com/blogs/null/128643/beware-conficker-worm-come-april-1/)

This is a pretty serious threat. Here is a link to info on the worm:
http://www.honeynet.org/papers/conficker (http://slickdeals.net/?sdtid=1272457&u2=http://www.honeynet.org/papers/conficker), read the PDF if you have time.
The amount of work put into the creation of this worm is amazing!

More info here:
http://iv.cs.uni-bonn.de/wg/cs/applications/containing-conficker/

Shark Bait
03-31-2009, 10:47 PM
Who does this stuff? Why? It's a real PITA if you get it.

AxleIke
03-31-2009, 10:53 PM
Who does this stuff?

Someone whose teeth I'd love to knock into the back of their throat. I just finished reinstalling all of my OS and programs after the last virus attack. If I get this I may just quit. LOL.

Shark Bait
04-04-2009, 10:12 PM
Here's a link to the Conficker Eye Chart (http://www.confickerworkinggroup.org/infection_test/cfeyechart.html). :D

Caribou Sandstorm
04-05-2009, 06:43 AM
I had something bad, not sure if it was the Conficker, as I guess my Norton did not kill it a few weeks ago.

I (not really me, Virus) was sending out an e-mail to everyone who sent me an e-mail or everyone I sent an e-mail to, also got another fun e-mail.

It started with "Hi Friend, I just bought an Iphone from this really great website, myewell.com"

Last night I Googled it and lots of folks across the world were getting hit, even the IT guy at Norad. Many said ignore and quarantine but that does not kill it. It apparently gets into your Windows registry. The Norad IT guy knew what to do, I bet plenty of you smart IT guys in here also know how to fix a Windows registry but I just fired Norton and hired Cyber defender for a lot less and they had a lot of atta boys from big companies. Appears that my registry is back in order and 33 spyware threats were removed. Never again will Norton get a dime from me. I was on hold with Norton for 2 hours and Cyber defender had me completely fixed in about 20 minutes.