Worm like conficker is a digital time bomb which is hard coded to trigger on April 1 (April fool’s day). Antivirus companies are doing their best to minimize the impact of conficker worm. Conficker first variant was introduced few months back and have already caused significant amount of damage to businesses. Conficker is using MD6 hash algorithm, first known case where this new algorithm has been used. Across the globe, there are about 15 million computer infected with conficker worm.
“In computer, a worm is a self replicating virus that does not alter files but resides in active memory and duplicates itself”
This happens to be third variant of conficker in the wild which is named “conficker c” which pose a significant threat to businesses and security expert are still trying to figure out the potential impact of this worm. In new variant, the worm has tendency to morph into something else which makes it harder for antivirus software to detect it. What is known about this worm so far is that at a predefined time on April 1st the infected machine will execute the worm which will be later be exploited by the worm originator. The originator or controller of the worm will control the infected machines and it’s anybody’s guess right now what commands will be given to these zombies. It can be to steal private and personal information, spam, DDoS, or simply wipe the infected machine hard drive. Also bad guys don’t have to give the commands to zombie machines on April 1st, it can be any time after April 1st.
Possible countermeasures:
• Keep up-to-date patches (Microsoft Ms08-067 security update)
• Keep antivirus signature files up-to-date (latest DAT)
• Disable Auto run
• Try different antivirus software to verify and take advantage of McAfee free online scan services
• Free Sophos Conficker clean-up tool
• Make sure your machine is not infected with “conficker c” then you don’t have to worry about April 1st
Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of the conficker worm’s makers.
[TABLE=12]
Related articles by Zemanta
- April Fool’s Day computer worm (madhavgopalkrish.wordpress.com)
- Conficker Windows virus infects 15 million PCs (telegraph.co.uk)
- Conficker C Worm to Activate on April Fool’s Day (blippitt.com)
- Microsoft: Bounty on Conficker worm creator (crunchgear.com)
httpv://www.youtube.com/watch?v=YqMt7aNBTq8
March 27th, 2009 9:19 am
[…] computers. strong class=keywordConficker/strong, also known as Downadup, is spread in three Conficker C worm and April fool – blog.deurainfosec.com 03/26/2009 Image by david ian roberts via Flickr Worm like strong […]
March 30th, 2009 1:41 am
[…] Hugh Deura is an Information Security expert who has written a great blog post about the virus and how to make sure you don’t get infected. Check out Hugh’s blog post at: https://blog.deurainfosec.com/conficker-c-worm-and-april-fool […]
March 30th, 2009 1:17 pm
[…] Conficker C worm and April fool (deurainfosec.com) […]
March 30th, 2009 1:54 pm
Great article. Just saw the 60 minutes story on this last night.
I'm glad all we use are Macs, though I understand hackers could
attack them as well, just less bang for the buck. 🙂
April 1st, 2009 12:44 am
It's good at least that there was advance warning for the Conficker worm; i'm sure a lot of people were spared a lot of hardship because of this
April 1st, 2009 1:32 pm
One of my friend view on conficker c is “If one did not bother to apply a patch which came out last year
(MS86-067) one deserves to learn his/her lesson the hard way.
May 14th, 2009 5:43 am
Keep your computer running like new.
Have you been searching for a great antispyware to keep your computer running like new? If so, you will be happy to know that there are some great options out there. I have tried many different types of antispyware only to find that the majority of them find the exact same types of bugs. The biggest difference that you will find between all the different types of antispyware offered is the price. Search-and-destroy Antispyware is an excellent choice that can be purchased at a lower price than many of the other options available. If you are interested in discovering the benefits offered from antispyware solution from Search-and-destroy visit http://www.Search-and-destroy.com to learn more.
July 6th, 2010 10:15 am
nice work
July 14th, 2011 3:24 am
There is apparently a lot for me to discover outside of my books. Thanks for the fantastic read.