Subscription Center
Mar 31, 2009 06:15 PM | 4
It could be just another April Fool's joke, but just in case, security experts are warning Microsoft Windows users that the creators of the Conficker computer worm may launch a new campaign tomorrow to infect as many PCs as possible with their malicious software. This third generation of Conficker—the worm has been on the loose since November and has infected nearly 15 million computers—is expected to use new methods of spreading that security pros have yet to completely block.
The latest version of Conficker (which has various aliases, including Conficker.D, Conficker.C or Downadup.C) snuck onto computers already infected by one of its predecessors. According to Microsoft's Security Response Center Web page, this new version, which the company refers to as Conficker.D, does not spread by attacking new systems. Conficker.D does, however, have a new "peer-to-peer" updating capability that could enable infected systems to spread or receive instructions from those controlling the worm (it's creators remain at large) to steal info from infected computers or generate large amounts of spam e-mail that could clog the Internet and slow its performance, according to a Web posting by the Conficker Working Group (a team of computer security specialists formed by Microsoft, Internet Corporation for Assigned Names and Numbers (ICANN), and various security software makers to keep the worm from spreading).
The worm has already infected the French Navy computer network Intramar, U.K. Ministry of Defense and Great Britain's House of Commons, among others. Like a computer virus, a worm is a software program that can travel over a network and enter a computer through a flaw in that computer's software or operating system. Unlike a virus, a worm can automatically copy itself from one computer to another.
A common worm behavior is to raid the address book on a user's computer and send out copies of itself via e-mail to all contacts in it. This mass e-mailing not only spreads the worm, it also clogs networks, making them sluggish.
As with any infection, the best way to protect oneself is to avoid getting it in the first place. Microsoft and its competitors sell a variety of security software to patch holes in Windows and other programs. Other measures to protect against Conficker and other worms include setting up a firewall that screens information entering your computer from the Web and avoiding e-mail attachments if it's not clear where they came from or what they'll do when opened. If a worm does wriggle its way into a computer, it has the ability to lock users out of that computer, disable security software already installed on the computer, and/or block users from accessing Web sites that sell security software.
It's a mystery who unleashed Conficker on the world, but CNET reports that Vietnamese security firm BKIS says it has clues suggesting the worm may have originated in China. BKIS claims to have spotted similarities between Conficker's code and that of the 2001 Nimda worm, which the company believes was made in China. There were earlier rumors that it might have hailed from Russia or Europe, according to CNET.
Some Internet security firms point out that no one actually knows what Conficker will do on April 1, so there's no reason to act as though the sky is falling. According to a blog earlier this month by Boston-based security firm Sophos Plc., "It's quite possible that Conficker will not do anything significant on April 1st. Certainly it won't be 'deadly' and your computers won't melt."
The FBI today issued a statement about Conficker indicating the agency will be on alert to "fully identify and mitigate the threat" and warning the public not to fall for spam e-mails that might unleash the worm on their computers.
Image ©iStockphoto.com/ Baris Onal
Tags:
China,
Windows,
Microsoft,
Nimda,
Conficker
More News Blog:
Next: JAMA editors embroiled in brouhaha over treatment of critic
Previous: EPA to monitor air outside toxic schools
See what we're tweeting about
cqchoi Intriguing complications regarding Denisovans HT @johnhawks http://t.co/UAwvf2rFoL
mdichristina Thames, yesterday afternoon. http://t.co/jUr9rDwuuT
BecCrew RT @mollylambert Thee Ratchet List http://t.co/PcY7tam7Ux
Deadline: Jul 30 2013
Reward: $100,000 USD
The Seeker desires a method for producing pseudoephedrine products in such a way that it will be extremely difficult for clandestine che
Deadline: Jun 30 2013
Reward: $1,000,000 USD
This is a Reduction-to-Practice Challenge that requires written documentation and&
Powered By: 
YES! Send me a free issue of Scientific American with no obligation to continue the subscription. If I like it, I will be billed for the one-year subscription.
4 Comments
Add CommentSweet! Day off tomorrow!
Reply | Report Abuse | Link to thisThid one not a joke. It hst over 20 million users so far. I am concerned for my computer. To Not be on of them, as I understand what it does and that is not vey nice. I hope you have your tops lookin to help fis this this wor,m.
Reply | Report Abuse | Link to thisSndy
I feel this worm is something to not walkke over loosilu. When a hacker finds a back door to windows ooperating systems, This opene so many door with a c omputer to where they can do just about anying, Tom me that is a major concern, Cristofero
Reply | Report Abuse | Link to thisWhere is it, Did it fizzle out on Apr 1?
Reply | Report Abuse | Link to this