Conficker: Media Spinning April 1 Date
Source: Tom's Guide US | Keywords: Conficker, April, Worm
With over ten million PCs infected with the Conficker worm, lying dormant as if awaiting further instructions, it seems as if its author plans to take over the world on April 1... not.
There's certainly a lot of hoopla surrounding the mysterious Conficker worm since it began to infect the world's PCs back in October 2008. As of late, speculations and rumors have surfaced in regards to April 1 and what this worm will actually do. After all, April Fool's Day is just around the corner; perhaps the Conficker is just one big prank. Then again, maybe it's a devastating piece of malware that may put an end to millions of PCs.
Both F-Secure and Sophos say that although the Conficker worm will do something on April 1, triggering a global virus attack is highly unlikely. In fact, the worm will merely contact its growing network to receive updates, perhaps even change its operation. "So far, Conficker has been polling 250 different domain names every day to download and run an update program. On April 1st, the latest version of Conficker will start to poll 500 out of 50,000 domains a day to do the same thing," said F-Secure.
The security firm also said that the latest version is not the most common Conficker worm. In fact, most of the contaminated machines are infected with the B variant that became widespread back in January. According to F-Secure, the B variant will not be updating on April 1, however the new variant might do something new. "We know this because we have reverse engineered the worm code and can see that this is what it has been programmed to do," F-Secure added.
If the Conficker worm were to actually carry a devastating payload, it would not be locked into one specific date. Because of the worm's nature and how in embeds into the system, taking the reigns of administration privileges, it can download and execute a malicious program on any date, whether it's April 1, July 4, or September 11. What the Conficker will eventually do is still up in the air: it could steal data, send spam, do DDoS, or it could do absolutely nothing at all. Like the final frontier, it's the "unknown" factor that is the scary part, and probably the central focus of many articles relating to April 1.
"What we can say with certainty is that people should keep their protection up-to-date, ensure that they have firewalls and security patches in place, have a proper policy in place regarding USB usage and passwords," said Graham Cluley at Sophos. "In addition it wouldn't do any harm--if you suspect you may be infected by Conficker--to run a Conficker removal tool such as the free one from Sophos."
Cluley also mentions the news media, pointing to British tabloid newspaper The Sun as an example (although rags such as that are hardly newsworthy in the first place). He points out that news articles such as the one found in The Sun--Will your PC Be Hijacked on April 1--cause a false sense of panic. "With that kind of talk in a national newspaper (and there are plenty of other examples in the media at the moment) you could understand why some companies and home users might be worried about what might happen next Wednesday," he said.
As of this morning, Google pulled a huge load of news entries regarding the Conficker April 1 date, ranging from "Conficker Worm to Strike April 1" to "Conficker Worm: Expect New Attack April 1." However, as both F-Secure and Sophos have stated, there's nothing to panic about; the world isn't coming to an end, PCs won't begin to melt when the clock strikes 12:00 am, nor will a super AI brain take control and kill off all the humans Terminator-style.
Bottom line, the new Conficker variant will update on April 1. Outside of that, no one really knows what the overall infection will do despite doomsayers looking for page views to meet revenue quota.
-
Previous News Article
Rumor: Skype for iPhone Next Week -
Next News Article
Apple to Sell 3G iPhone...
The only way the Internet is going to be safe, is if I upload myself "Johnny Mnemonic" style, and do battle with Conficker in hand to hand VR Combat.
Of course, that's assuming I don't "accidentally" surf into a Lemonparty.
Conflicker doesn't infect just any PC. It only infects PCs with Windows. OS X, Linux, OS/2, MS-DOS are all safe and probably Windows CE also.
[Yawn]
So the news is that there is no news? Interesting....
Wow, an article I heartily agree with. Good on you for taking the high road instead of engaging in sensationalism.
All I know is, just to be sure, I will leave my computer off on April 1st. Not infected at the moment, but ya never know. My social life could use a boost as it is.
Quick run Linux for the entire day on April 1! lol.
I dont understand how they know millions are infected and havent
done anything to fix this?
I mean are current virus/spyware programs like kaspersky, spy sweeper antivirus essentials, Trend Micro Internet Security Pro, Norton 360 2.0, Nod 32, Bit Defender, allowing this conflicker to be put on the system?
Im not completely understanding the situation here.
I mean if they know so many are infected why dont people just get
with microsoft to make a malicious software removal tool for
the conflicker?
I dont understand how they know millions are infected and haventdone anything to fix this?I mean are current virus/spyware programs like kaspersky, spy sweeper antivirus essentials, Trend Micro Internet Security Pro, Norton 360 2.0, Nod 32, Bit Defender, allowing this conflicker to be put on the system?Im not completely understanding the situation here.I mean if they know so many are infected why dont people just getwith microsoft to make a malicious software removal tool forthe conflicker?
I think the issue is the HUGE masses of people who don't run up to date a/v software, or any a/v software at all....or heck.....may not even know what a/v software IS.
...they only know their is a problem with their PC when myspace, poker sites, and porn stop loading properly. And if I understand correctly, Conflicker is hiding so far, and not interrupting the laymen.
Quick run Linux for the entire day on April 1! lol.
no no, run a mac! [/trolling off]
The vast majority of the infected computers are actually in places like China and Russia, where piracy of Windows is rampant and they did not get the necessary Windows Updates.
http://mtc.sri.com/Conficker/
I dont understand how they know millions are infected and haventdone anything to fix this?
Probably has something to do with privacy, and also with responsibility. Just because they can determine these things, doesn't mean they're responsible for telling John Doe he has a virus. And even if, they'd still need to breach privacy laws to actually identify the person behind the ip number to contact him in the first place.
imo people should be forced to have a router with built in antivirus, or have an antivirus on their system - like people are forced to have an insurrance on their cars. It needn't be an expensive solution, but anything that limits spreading is worth the consideration.
I know what I've taken from the article. It's clear that at 12:00 am in China on 4/1/2009 a super AI brain will take control and kill off all the humans Terminator-style.