15 replies to this topic

[Kevin2013]

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symatec's Conflicker(aka Downadup) Tool,, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.

Article taken from http://tech.yahoo.co...ogs/null/132464

[©Milton]

Probably won't even by on my computer tomorrow. Haha.

[Awad]

Another win for Macs

[marek]

Conflicker is a old worm.
Would be cool if the virus authors just made an Aprils Fool popup appear for the LULZ.

[Wilson]

I've heard about this virus. Seems pretty dangerous.

[Ilya R.]

Conficker failed.

[NickC]

My friends got viruses - is it from this? I didn't even hear about this so I wasn't even aware of it.

[leo2car]

Only the school computer got this virus.



Not really, my friend got a virus from the school on Friday.

[©Milton]

Microsoft and other companies managed to prevent most of it from happenning, although some computers got the virus, most didn't. Expect it to return though.

[daBKLYNdoorman]

Awad, on Mar 31 2009, 11:13 PM, said:

Another win for Macs

Hey there, have I got news for you!

http://www.cnn.com/2009/TECH/04/22/first.m...iref=newssearch


And also, and I quote: "As Macs become more popular, they're more likely to be targets, experts say".

[AktarerZ]

Warchief, on Apr 2 2009, 08:04 PM, said:

Conficker failed.

Haha, that's funny but inaccurate.

[Ilya R.]

It's activated since then but still hasn't done much damage (according to media that is). It's succeeded at infecting people but hasn't really succeeded as a worm.

[ClEMeNt]

Warchief, on Apr 25 2009, 11:56 AM, said:

It's activated since then but still hasn't done much damage (according to media that is). It's succeeded at infecting people but hasn't really succeeded as a worm.

That's because the people who created it haven't sent a command to make it do anything.

[daBKLYNdoorman]

Quote

It's activated since then but still hasn't done much damage (according to media that is). It's succeeded at infecting people but hasn't really succeeded as a worm.

It make your computer act as a spam server which makes it send massive amounts of spam to your previous contacts as well as any additional addresses sent by the Conficker creator.

[Ilya R.]

I'm guessing that it's pretty passive now. Conficker's creators are boring.

[ClEMeNt]

Warchief, on Apr 30 2009, 07:07 PM, said:

I'm guessing that it's pretty passive now. Conficker's creators are boring.

I predict that your computer will be the first one to explode from Conficker.
Its still a threat even though it's doing nothing at the moment.
I wonder if the creators are hiding until the government and microsoft stops looking for them.