No joke in April Fool's Day computer worm

Triton

Founding Member
Regular Member
Joined
Feb 16, 2009
Messages
342
Likes
9
Guys watch out for Conficker C :drink:

A computer-science detective story is playing out on the Internet as security experts try to hunt down a worm called Conficker C and prevent it from damaging millions of computers on April Fool's Day.

The malicious program already is thought to have infected between 5 million and 10 million computers.

Those infections haven't spawned many symptoms, but on April 1 a master computer is scheduled to gain control of these zombie machines, said Don DeBolt, director of threat research for CA, a New York-based IT and software company.

What happens on April Fool's Day is anyone's guess. The program could delete all of the files on a person's computer, use zombie PCs -- those controlled by a master -- to overwhelm and shut down Web sites or monitor a person's keyboard strokes to collect private information like passwords or bank account information, experts said.

More likely, though, said DeBolt, the virus may try to get computer users to buy fake software or spend money on other phony products.

Experts said computer hackers largely have moved away from showboating and causing random trouble. They now usually try to make money off their viral programs.

DeBolt said Conficker C imbeds itself deep in the computer where it is difficult to track. The program, for instance, stops Windows from conducting automatic updates that could prevent the malware from causing damage.
Read complete article here
 

Triton

Founding Member
Regular Member
Joined
Feb 16, 2009
Messages
342
Likes
9
News from Microsoft Malware Protection Center

Win32/Conficker.C is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.

Microsoft also recommends that users ensure that their network passwords are strong to prevent this worm from spreading via weak administrator passwords. click on the link above for more info.

About Conficker:

Downadup (or Conficker) is a network worm that takes advantage of vulnerabilities in Windows to spread. Its removal is complicated by the fact that it blocks many known antivirus software and associated websites.

BitDefender Labs has detected a new and more aggressive Downadup version. It spreads using a Windows RPC Server Service vulnerability and is called Win32.Worm.Downadup.Gen.

The new version is more resilient to disinfection. Once the system is compromised, the worm disables Windows Update and blocks access to most of the anti-virus websites in order to hinder the user to disinfect his machine.

BitDefender is the first to offer a free tool which disinfects all versions of Downadup. This domain is the first to serve a removal tool without being blocked by the e-threat.

The worm itself is not new, it made its first appearance late November 2008, known under the names Conficker or Kido as well exploiting the vulnerability described in the Microsoft security bulletin MS08-067. After successful exploitation it used to install rogue security software on the infected machine.
Do you think your computer is infected?

Click here to check for the virus
 

Latest Replies

Global Defence

New threads

Articles

Top