BEWARE!

[jeffro]

Beware Conficker worm come April 1

Tue Mar 24, 2009 6:21PM EDT

See Comments (474)

 

Buzz up!on Yahoo!In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

 

Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.

 

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.

 

Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.

 

Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.

 

At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.

 

Microsoft also offers a free online safety scan here, which should be able to detect all Conficker versions.

 

should be interesting to see what happends. thoughts?

[Skinner]

moving to parking lot.

[Flyin Miata]

Good thing I don't run Windows, sucks for you guys .

[Mr. Jones]

From what I have read it has serious potential.

The amount of research brainpower that has gone into it is amazing.

 

Kudos to the author(s).

[87GT]

http://www.threadbombing.com/data/media/31/1237283238173.jpg

[jeffro]

http://www.threadbombing.com/data/media/31/1237283238173.jpg

 

lol. thanks for moving to the correct section. im not too terribly worried about it because i typically reinstall windows every few months.

[evil8]

Will someone save a copy of this for me, incase I get worms?

http://i255.photobucket.com/albums/hh152/evil8/hypnodog.gif?t=1238021392

[justinwebb]

sounds exciting, is it bad i kinda want it to hit computers hard just to see what happens?

 

props to the authors of this

[jeffro]

they arent gettin anything from me ^.^

[RedRocket1647545505]

I'll be turning mine off that day.

[Radio Flyer1647545514]

Macbook FTW.

[Nitrousbird]

Could be a ploy to get people to do Windows update, so you get the latest WGA installed and it disables your pirated copy of Windows (or the many unpirated copies out there that still get disabled every time they do this).

 

Maybe one day enough people will buy Apples to make it worthwhile to write a decent worm/virus/malware for it.

[Wonderboy]

I dont fully understand the whole giving "props" to these guys who are designing things with the intent of destroying other peoples stuff. I must be a loser. And yes, Macbook FTW!

[justinwebb]

Could be a ploy to get people to do Windows update, so you get the latest WGA installed and it disables your pirated copy of Windows (or the many unpirated copies out there that still get disabled every time they do this).

 

Maybe one day enough people will buy Apples to make it worthwhile to write a decent worm/virus/malware for it.

 

yea that is true they just blacklisted one of the most popular keys for xp that was the most widely used. I just used the new WGA crack and it worked like new again

 

never thought about that though

[sol740]

Awwww its too I use Linux so much.

[Mr. Jones]

I dont fully understand the whole giving "props" to these guys who are designing things with the intent of destroying other peoples stuff. I must be a loser. And yes, Macbook FTW!

 

Do some reading on how the virus works and you will gain the appreciation. An AMAZING amount of R&D went into this. This is the Bugatti Veyron of Viri.

 

Full Link: http://mtc.sri.com/Conficker/addendumC/index.html

 

Simplified 5 mile overview of how it executes:

 

http://mtc.sri.com/Conficker/addendumC/functional-thread-overview.jpg

[justinwebb]

wow thats cool sad part is i understand a lot of it lol. I need a life.

[Aesthetic_Influx]

That sucks.

 

 

 

 

Just not for me.

(+1 Mac FTW comment)