Conficker Apocalypse

Will the Conficker worm, expected to activate on April 1, set off viral destruction or be a dud?
Security experts say Conficker.C (also called Downadup) presents a serious threat. Infected machines -- said to number from 3 million to 10 million globally, depending on estimates -- could be activated for data destruction and theft or espionage, spam relays or denial-of-service (DoS) attacks. While a "doomsday scenario" on April 1 seems unlikely, many security professionals regard Conficker.C as the malware fruit of a disciplined criminal operation out to make money off it.

More here: Conficker on April 1st: Eve of destruction or big joke? - Network World


What do people know about this? I have heard a lot about it, but don't know a lot about it.


~Lordbob

 

[echrada]

Read all under the Security thread

 

[lordbob75]

Fail. Thanks Les.

~Lordbob

 

[rive0108]

Big Joke

 

[lordbob75]

I have a few friends that think that, and another that thinks it will erase everyone's harddrive.

I think it would be amusing if it just popped everyone's cd drive out at the same time, or restarted their computers. Just something minor and funny.

~Lordbob

 

[Fastboy42]

Apparently Microsoft are offering a $250,000 bounty for finding any information that may lead to the culprit.(I don't know if that is real or not)
You might want to have a look at these to links.

MS Offers Bounty for Head of Conficker Worm / Infopackets.com

How To: Protect Your Windows PC from the Conficker Worm

~Fastboy42~

P.S (I'm kinda worried about what it may do if it got into my computer, but I 've got my antivirus all updated so I should be fine.:D)

 

[Axon]

IT'S GONNA BE Y2K ALL OVER AGAIN!

Nothing.

 

[Barman58]

IT'S GONNA BE Y2K ALL OVER AGAIN!

Nothing.

Now, Now, I won't have anyone knocking Y2K - it made me a fortune in fees

Conficker will probably have some effect, there are too many people around running un-patched systems,either because they don't know any better, or worse, they think they do know better :sa:.

Hopefully with all the general press coverage the message may get across to the general user that if you just use "reasonable" security and keep your system patched you will have nothing to worry about.

The thing that does worry me a bit is that as there is no "visible" payload with the modern malware attack, if Conficker does not show at all then the general computer user will think it a false alarm.

 

[dk70]

I think it is made or sponsored by Microsoft so they can prove the point that as long as you use legit Windows and do updates you are safe. Also goes for busineses.

 

[dinesh]

I have heard that if you catch the one who made this virus, US govt will pay you 4 million dollars. I wish i could blame Norton or Mcafee and become millionaire.

 

[SCSIraidGURU]

One day it won't be a joke. It was a good practice session for patching workstations and servers. Getting users to be aware of going to sites that they could get an infection from. My users are learning the importance of safe computing and keeping Windows updates current.

 

[LukaszR]

Could it actually be serious? Not too sure if perhaps this is just an Aprils fools joke. None the less, i know not to much about it...simply what i've heard on the news. I hear they don't even know where its coming from, so good luck to stopping it.

Make sure you get your antivirus updated asap...otherwise we'll be seeing many in the black hole.

 

[lordbob75]

LOL I am running about 5 anti-virus programs / firewalls in addition to the prebuilt Windows ones. I think I should be good. Plus, I heard that if you can access major Anti-Virus sites, such as Kaspersky, Norton, Macafee, then you are NOT infected... *checks*
I'm good.

~Lordbob

 

[Everlong]

Like I said in the other thread, what happened to my comp at the weekend was a few symptons that occur on a Conficker infected PC.

It was my own fault I guess as I had UAC turned off for the last few weeks and even with a firewall and AV that I always keep active it still somehow got on, and turning UAC off did teach me a lesson.

I guess everyone else who says "Disable UAC is the first thing I do" are certainly going to be taught a lesson if all this is true as well.

 

[lordbob75]

Like I said in the other thread, what happened to my comp at the weekend was a few symptons that occur on a Conficker infected PC.

It was my own fault I guess as I had UAC turned off for the last few weeks and even with a firewall and AV that I always keep active it still somehow got on, and turning UAC off did teach me a lesson.

I guess everyone else who says "Disable UAC is the first thing I do" are certainly going to be taught a lesson if all this is true as well.

Yeah I even left mine turned on....

~Lordbob

 

[Everlong]

Apparently the virus did try to fire up, but all the security companies said they managed to block everything so far, read it here The Associated Press: Conficker worm reaches go time, to no effect

 

[LukaszR]

Apparently the virus did try to fire up, but all the security companies said they managed to block everything so far, read it here The Associated Press: Conficker worm reaches go time, to no effect

well then thats good news eh

 

[dk70]

One day it won't be a joke. It was a good practice session for patching workstations and servers. Getting users to be aware of going to sites that they could get an infection from. My users are learning the importance of safe computing and keeping Windows updates current.

That is the scary part. Has been some years since Windows update became a set and forget feature, but seems to me most of the times you see "threats" hit frontpage they rely on unpatched this or that, mostly Windows Just sad. Piracy probably play a big part in this of course. Remember banner infection on MySpace some years ago? Same thing, only hit those with no updates (free Windows). Headline should be "Badly maintained OS once again proven to be risky"

Ive seen security geeks advise to disable Windows Update because regular users are not capable of evaluating auto-input from Microsoft, and so risk blowing up OS by blindly accepting installations. Hmm, and alternative is what? heh. If no trust in OS maker use something else. May be 100% user control make sense in business networks but does not mean each update should not be evaluated. Where some lazy/wiser than everyone else have failed I think.

 

[lordbob75]

Speaking of that, I am going to make sure I am updated...

~Lordbob

 

[Fastboy42]

I told a heap of people at school about the conficker, not only did they not know what the conficker was,they don't have any antivirus software or know anything about computers(all they know how to do is how to use social networking sites and they spend hours on them.).

PEOPLE NEED TO GET EDUCATED ABOUT HOW TO KEEP THEMSELVES SAFE ON THE NET.:eek:

Can't antivirus companys just capture the conficker then read the code.(or is it encrypted etc.)





FT.com / US & Canada - Efforts to fight cyber-crime fall short to virus