Giant Internet worm set to change tactics April 1

MA-Caver

Sr. Grandmaster
MT Mentor
Joined
Aug 21, 2003
Messages
14,960
Reaction score
312
Location
Chattanooga, TN
Giant Internet worm set to change tactics April 1 (AP)

Posted on Fri Mar 27, 2009 4:52PM EDT
http://tech.yahoo.com/news/ap/20090327/ap_on_hi_te/tec_conficker_countdown_1SAN FRANCISCO - The fast-moving Conficker computer worm, a scourge of the Internet that has infected at least 3 million PCs, is set to spring to life in a new way on Wednesday — April Fools' Day.
That's when many of the poisoned machines will get more aggressive about "phoning home" to the worm's creators over the Internet. When that happens, the bad guys behind the worm will be able to trigger the program to send spam, spread more infections, clog networks with traffic, or try and bring down Web sites.
Technically, this could cause havoc, from massive network outages to the creation of a cyberweapon of mass destruction that attacks government computers. But researchers who have been tracking Conficker say the date will probably come and go quietly.
More likely, these researchers say, the programming change that goes into effect April 1 is partly symbolic — an April Fools' Day tweaking of Conficker's pursuers, who for now have been able to prevent the worm from doing significant damage.

No april fools' joke is this
 
Make sure your firewall is up.
Try to manually run a windows update.

If both work, you're probably clean.

In the mean time, make sure that your antivirus is up to date, and actively running.
Spyware/Malware protection also is good to have running.

There's alot of hype about this one, but 3M out of 1B pc's isn't that big a deal.
 
I just ran it everything is fine here. Thanks for the link Arni.
 
Ran the conflicker remover and it says not found... so for the time being everything is cool here.

These guys that do this virus thing... don't they have a home to go to? Sigh.
 
An update on the article...
Last-minute Conficker survival guide


Tue Mar 31, 2009 1:42PM EDT
Full article here: http://tech.yahoo.com/blogs/null/132464
Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?No one knows, but we'll probably find out soon.
 
If you have Windows, you can go to Control Panel, Add/Remove Programs, and check if you have "Security Update for Windows (KB958644)" If so, you're good. If not, you can get it from Here
 
This is another case of the media hyping up something for the sake of a decent scare story. This worm has been resident for quite a while and it's creators are no doubt loving the 'mystique' being added to their reputations by the furore.

Maybe it will be used to mount a denial of service attack ... but it can do that anytime.

As long as computer users take reasonable care not to leave holes in their firewalls or let things in that deactivate their anti-virus they'll be fine.
 
There's over 100,000 worms, viruses, etc out there.

The same precautions count for all of them:
- Use a reliable antivirus, and keep it current
- use a reliable malware shield, and keep it current
- use an on system firewall, and verify it's on.
- use a hardware firewall and make sure it's working
- make sure your system is up to date software wise.

Also
- don't open strange email attachments
- scan your email
- use a spam blocker to cut down on your spam
- don't visit bad websites
- don't use bootleg software from crack sites that may open holes in your armor or install nasties.
 
I believe so. It's a worm, so it keeps moving and changing it seems.
 
This is pretty slick. Conficker prevents infected PCs from accessing certain antivirus vendor websites. Using this information Joe Stewart from SecureWorks put together a Conficker Eye Chart.

http://www.joestewart.org/cfeyechart.html

By seeing whether or not images hosted on the vendor websites load you may be able to tell if your computer is infected with conficker.
 
Back
Top