Conficker VIRUS

View previous topic View next topic Go down

Conficker VIRUS

Post  stephen on Tue 31 Mar 2009, 8:31 pm

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec's Conficker (aka Downadup) tool, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out.


Yahoo Tech

stephen
Christian Talk Member

Mood : I feel Blessed
Male

Number of posts : 53
Age : 41
Location : USA
Registration date : 2007-07-16
Points : 17179
Reputation : 1
Country :

Warning :

View user profile

Back to top Go down

Re: Conficker VIRUS

Post  Littlelamb on Mon 13 Apr 2009, 7:16 pm

Please watch the first minute or so, of this news cast..
http://abcnews.go.com/Video/playerIndex?id=7321764
Conficker self-updates, launches false infection alert
Conficker didn't bring the Internet crashing down on April 1, but the virus is still evolving, inevitably causing problems for the researchers charged with stopping it. Current versions of the malware are actually programmed to stop working in early May—a fact that leaves everyone wondering what the malware authors have coming.
http://arstechnica.com/security/news/2009/04/conficker-self-updates-launches-false-infection-alert.ars
UPDATED: Conficker.e surfaces and reveals purpose: Wants $49.95
Security
Chicago (IL) - Late Wednesday, TrendMicro observed a new version of the Downad.KK/Conficker.c worm, dubbed Conficker.e. The previous version utilized its built-in P2P functionality to download the update, which then springs to life with fake or rogue antivirus messages warning of non-existent threats, along with annoying pop-ups until you agree to pay it $49.95. Conficker's authors finally unveil their true intent: Greed.
http://www.tgdaily.com/content/view/42008/108/
Conficker also installs fake antivirus software
Researchers have discovered another feature of the Conficker worm that provides an additional clue about the intent of the creators--the worm installs malware that masquerades as antivirus software, Trend Micro said last week.
http://www.zdnetasia.com/news/security/0,39044215,62053082,00.htm?scid=rss_z_nw Suspect

Littlelamb
Christian Talk Moderators

Mood : I feel Blessed
Female

Number of posts : 227
Age : 54
Location : USA
Profession : Admin of 2 forums, Children's Church Ministry
Hobbies : The BIBLE and the STUDY which I apply to life.
Marital Status : Married
Registration date : 2008-03-21
Points : 16050
Reputation : 4
Country :

Warning :

View user profile http://www.lordismyshepherd.forumsmotion.com

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum