Conficker “The virus”, which has attacked millions of computers worldwide, is scheduled to occur on a global scale this Wednesday (April 1), according to information from experts on security on the Internet.
The program could delete all of the files on a person’s computer, use zombie PCs — those controlled by a master — to overwhelm and shut down Web sites or monitor a person’s keyboard strokes to collect private information like passwords or bank account information, experts said.
What makes the virus so powerful in its way to “infect” is the fact that it spreads through external USB storage, such as those used in pendrives, cameras, iPods and MP3, among others. The “specialty” of the virus is to find out and “steal” ALL your passwords.
Microsoft announced a reward of $ 250k for those who can identify the creators of the virus, also known as DownAdUP.
The virus also spread from a “Botnet” (network of infected computers that will “work” for virtual pirates).
As the date is known as April Fool’s Day, many Internet users already see the dozens of alerts as a false alarm, a “hoax” (known as the rumors are virtual).
Today, the Conficker is scheduled to take control of 250 sites per day. On Wednesday, would increase its strength to reach 50,000 pages per day, which may make it more difficult to locate the attack, according to Mikko Hyponen, company F-Secure, which specializes in virtual security.
It is estimated that the Conficker has already infected more than 12 million computers.
I. Description
Home users can apply a simple test for the presence of a Conficker/Downadup infection on their home computers. The presence of a Conficker/Downadup infection may be detected if a user is unable to surf to their security solution website or if they are unable to connect to the websites, by downloading detection/removal tools available free from those sites:
*http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm
*http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
* http://www.mcafee.com
If a user is unable to reach any of these websites, it may indicate a Conficker/Downadup infection. The most recent variant of Conficker/Downadup interferes with queries for these sites, preventing a user from visiting them. If a Conficker/Downadup infection is suspected, the system or computer should be removed from the network or unplugged from the Internet – in the case for home users.
II. Solution
Advice from US-CERT
-US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 as quickly as possible to help protect themselves from the worm. They can also disable AutoRun functionality.
-Home users can apply the US-CERT test for the presence of a Conficker/Downadup infection on their home computers. The presence of an infection may be detected if users are unable to connect to their security solution Web site or if they are unable to download free detection/removal tools.
-If an infection is suspected, the system or computer should be removed from the network. In the case of home users, the computer should be unplugged from the internet.
-Instructions, support and tools you help you manually remove a Conficker/Downadup infection from a system have been published by most major security vendors.
-US-CERT recommends that computer users and administrators keep up-to-date on security patches and fixes for their operating system and install up-to-date anti-virus and anti-spyware software. A firewall will also help block attacks before they can get into your computer.
Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors.
Please see below for a few of those sites. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:
Symantec:
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
Microsoft:
http://support.microsoft.com/kb/962007
http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx
More information
Cheers
Lucio Ribeiro
You also might like:
Hi Lucio,
thanks for the heads up.
The story is everywhere. I do believe Microsfot is doing a great PR work here and pulling the attention.
Posted by Michael | April 1, 2009, 1:15 amHi Lucio,
It could be an April Fool’s joke – BUT… I’m going to update all my virus definitions and stuff anyway!
Cheers
LJP
LJP’s last blog post..New Social Networking Site
Posted by LJP | April 1, 2009, 3:21 amHi LJP
I dont really think its a joke.
Try a search on GGL news and you’ll see major media is covering up the issues.
Theres no harm in updating anti-virus and backing up
Lucio
Posted by Lucio | April 1, 2009, 3:55 am