# Giant Internet worm set to change tactics April 1



## MA-Caver

> *Giant Internet worm set to change tactics April 1 (AP)*
> 
> Posted on Fri Mar 27, 2009 4:52PM EDT
> http://tech.yahoo.com/news/ap/20090327/ap_on_hi_te/tec_conficker_countdown_1SAN FRANCISCO - The fast-moving Conficker computer worm, a scourge of the Internet that has infected at least 3 million PCs, is set to spring to life in a new way on Wednesday  April Fools' Day.
> That's when many of the poisoned machines will get more aggressive about "phoning home" to the worm's creators over the Internet. When that happens, the bad guys behind the worm will be able to trigger the program to send spam, spread more infections, clog networks with traffic, or try and bring down Web sites.
> Technically, this could cause havoc, from massive network outages to the creation of a cyberweapon of mass destruction that attacks government computers. But researchers who have been tracking Conficker say the date will probably come and go quietly.
> More likely, these researchers say, the programming change that goes into effect April 1 is partly symbolic  an April Fools' Day tweaking of Conficker's pursuers, who for now have been able to prevent the worm from doing significant damage.



No april fools' joke is this


----------



## Bob Hubbard

Make sure your firewall is up.
Try to manually run a windows update.

If both work, you're probably clean.

In the mean time, make sure that your antivirus is up to date, and actively running.
Spyware/Malware protection also is good to have running.

There's alot of hype about this one, but 3M out of 1B pc's isn't that big a deal.


----------



## arnisador

Newspaper recommends:
httP://www.enigmasoftware.com

I ran the free Conficker remover--no hits.


----------



## terryl965

I just ran it everything is fine here. Thanks for the link Arni.


----------



## crushing

> *April Fool's Conficker Threat is Likely Hype*
> 
> *By Erik Larkin, NetworkWorld.com 3/27/09*
> 
> *There's some serious FUD out there right now about what the Conficker worm will do on April 1. But according to those in the know, you probably don't have to worry.*
> 
> 
> *http://www.networkworld.com/news/2009/032709-april-fools-conficker-threat-is.html*


 
I would still scan for it and take necessary precautions.


----------



## MA-Caver

Ran the conflicker remover and it says not found... so for the time being everything is cool here. 

These guys that do this virus thing... don't they have a home to go to? Sigh.


----------



## MA-Caver

An update on the article... 


> *Last-minute Conficker survival guide*
> 
> 
> Tue Mar 31, 2009 1:42PM EDT
> Full article here:   http://tech.yahoo.com/blogs/null/132464
> Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?No one knows, but we'll probably find out soon.


----------



## jarrod

have i mentioned lately how much i love linux?

jf


----------



## jim777

If you have Windows, you can go to Control Panel, Add/Remove Programs, and check if you have "Security Update for Windows (KB958644)" If so, you're good. If not, you can get it from Here


----------



## Sukerkin

This is another case of the media hyping up something for the sake of a decent scare story.  This worm has been resident for quite a while and it's creators are no doubt loving the 'mystique' being added to their reputations by the furore.

Maybe it will be used to mount a denial of service attack ... but it can do that anytime.  

As long as computer users take reasonable care not to leave holes in their firewalls or let things in that deactivate their anti-virus they'll be fine.


----------



## Bob Hubbard

There's over 100,000 worms, viruses, etc out there.

The same precautions count for all of them:
- Use a reliable antivirus, and keep it current
- use a reliable malware shield, and keep it current
- use an on system firewall, and verify it's on.
- use a hardware firewall and make sure it's working
- make sure your system is up to date software wise.

Also
- don't open strange email attachments
- scan your email
- use a spam blocker to cut down on your spam
- don't visit bad websites
- don't use bootleg software from crack sites that may open holes in your armor or install nasties.


----------



## Bob Hubbard

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

If you can see all the images, you're probably ok.


----------



## KELLYG

BOB,

Is this virus still a threat?


----------



## Bob Hubbard

I believe so.  It's a worm, so it keeps moving and changing it seems.


----------



## crushing

This is pretty slick.  Conficker prevents infected PCs from accessing certain antivirus vendor websites.  Using this information Joe Stewart from SecureWorks put together a Conficker Eye Chart.

http://www.joestewart.org/cfeyechart.html

By seeing whether or not images hosted on the vendor websites load you may be able to tell if your computer is infected with conficker.


----------



## Sukerkin

See post #12 above, good sir .


----------



## crushing

Sukerkin said:


> See post #12 above, good sir .


 
Failover plan, if one site isn't available or blocked, try the other.  Yeah, that's the ticket.  :wink1:


----------

