Mar 26 2009

Conficker C worm and April fool

Category: MalwareDISC @ 3:24 pm

My creation! (APRIL FOOL)
Image by david ian roberts via Flickr

Worm like conficker is a digital time bomb which is hard coded to trigger on April 1 (April fool’s day). Antivirus companies are doing their best to minimize the impact of conficker worm. Conficker first variant was introduced few months back and have already caused significant amount of damage to businesses. Conficker is using MD6 hash algorithm, first known case where this new algorithm has been used. Across the globe, there are about 15 million computer infected with conficker worm.

“In computer, a worm is a self replicating virus that does not alter files but resides in active memory and duplicates itself”

This happens to be third variant of conficker in the wild which is named “conficker c” which pose a significant threat to businesses and security expert are still trying to figure out the potential impact of this worm. In new variant, the worm has tendency to morph into something else which makes it harder for antivirus software to detect it. What is known about this worm so far is that at a predefined time on April 1st the infected machine will execute the worm which will be later be exploited by the worm originator. The originator or controller of the worm will control the infected machines and it’s anybody’s guess right now what commands will be given to these zombies. It can be to steal private and personal information, spam, DDoS, or simply wipe the infected machine hard drive. Also bad guys don’t have to give the commands to zombie machines on April 1st, it can be any time after April 1st.

Possible countermeasures:
• Keep up-to-date patches (Microsoft Ms08-067 security update)
• Keep antivirus signature files up-to-date (latest DAT)
• Disable Auto run
• Try different antivirus software to verify and take advantage of McAfee free online scan services
Free Sophos Conficker clean-up tool
• Make sure your machine is not infected with “conficker c” then you don’t have to worry about April 1st

Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of the conficker worm’s makers.



Reblog this post [with Zemanta]

Tags: Antivirus software, April Fools Day, conficker, Malicious Software, McAfee, Microsoft, Security, Viruses

9 Responses to “Conficker C worm and April fool”

  1. Video | | Innovate for Success says:

    […] computers. strong class=keywordConficker/strong, also known as Downadup, is spread in three Conficker C worm and April fool – 03/26/2009 Image by david ian roberts via Flickr Worm like strong […]

  2. MPN Specials » WARNING: Virus Alert - Conficker says:

    […] Hugh Deura is an Information Security expert who has written a great blog post about the virus and how to make sure you don’t get infected. Check out Hugh’s blog post at: […]

  3. Conficker Virus Deadline Looming | Big Thinking For Small Business says:

    […] Conficker C worm and April fool ( […]

  4. Jim Wagner says:

    Great article. Just saw the 60 minutes story on this last night.
    I'm glad all we use are Macs, though I understand hackers could
    attack them as well, just less bang for the buck. 🙂

  5. coffee maker says:

    It's good at least that there was advance warning for the Conficker worm; i'm sure a lot of people were spared a lot of hardship because of this

  6. disc7 says:

    One of my friend view on conficker c is “If one did not bother to apply a patch which came out last year
    (MS86-067) one deserves to learn his/her lesson the hard way.

  7. rickymartin says:

    Keep your computer running like new.
    Have you been searching for a great antispyware to keep your computer running like new? If so, you will be happy to know that there are some great options out there. I have tried many different types of antispyware only to find that the majority of them find the exact same types of bugs. The biggest difference that you will find between all the different types of antispyware offered is the price. Search-and-destroy Antispyware is an excellent choice that can be purchased at a lower price than many of the other options available. If you are interested in discovering the benefits offered from antispyware solution from Search-and-destroy visit to learn more.

  8. Yasshuja says:

    nice work

  9. spyware virus removal says:

    There is apparently a lot for me to discover outside of my books. Thanks for the fantastic read.

Leave a Reply

You must be logged in to post a comment. Login now.