Conficker virus could be deadly threat – or April Fool’s joke

Also see:
DHS Releases Conficker/Downadup Computer Worm Detection Tool
http://technewsreview.com.au/article.php?article=7654It could be the biggest April Fool’s joke ever played on the internet, or it could be one of the worst days ever for computers connected to the network. Security experts can’t work out whether the Conficker virus – which has infected more than 10m Windows PCs worldwide – will wreak havoc on Wednesday , or just let the day pass quietly.Experts have worked out that from midnight on 1 April, the Conficker program will start scanning thousands of websites for a new set of instructions telling it what to do next. The infected machines thus comprise one of the biggest “botnets” – a network of “robot” computers – in internet history. And if they were all given a target, such as simultaneously sending search queries to Google or trying to connect to a gambling site, they could knock it offline through the sheer volume of connections – a “denial of service”. Victims usually discover that they have been locked out of their computers or have very slow-running internet connections.
http://www.guardian.co.uk/technology/2009/mar/30/conficker-virus-computingConficker flaw reveals which computers are infected
Even worm creators write buggy software.Once it infects a computer, the Conficker worm closes the hole in Windows that it used to get onto the system so no other malware can get in. This also makes it difficult for organizations to detect which computers have the legitimate Microsoft patch and which have the fake Conficker patch.However, Conficker’s “patch” has a weakness that can be used to distinguish between patched computers and infected computers that look patched, according to the nonprofit Honeynet Project.
http://news.cnet.com/8301-1009_3-10207375-83.htmlMystery computer virus Conficker threatens to wreak havoc
A computer virus that has been spreading around the world for months is set to come alive tomorrow.Experts have struggled to tackle it and they do not know who controls it or why it was created. But tomorrow the virus, dubbed Conficker, will “call home” to its creator to seek new instructions. No one knows what will happen next.
http://technology.timesonline.co.uk/tol/news/tech_and_web/article6005567.eceResearchers exploit Conficker flaw to find infected PCs
Just days before the Conficker worm is set to contact its controllers for new instructions, security researchers have discovered a flaw in the worm that makes it much easier for users to detect infected PCs.Tillmann Werner and Felix Leder, members of the Honeynet Project, an all-volunteer organization that monitors Internet threats, have discovered that Conficker-infected PCs return unusual errors when sent specially crafted remote procedure call (RPC) messages, according to preliminary information they have posted on the Web.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9130733German researchers score Conficker detection breakthrough
Just days ahead of an April 1st activation date for the Conficker worm squirming through the Windows operating system, security researchers at the Honeynet Project have scored a major breakthrough, finding a way to fingerprint the malware on infected networks.Now, with the help of Dan Kaminsky and Rich Mogull, off-the-shelf network scanning vendors have the ability remotely (and anonymously) detect Conficker infections.
http://blogs.zdnet.com/security/?p=3043

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.