April 1, 2009

April Fools' Conficker Virus is a dud

TECHNOLOGY - Ironically, in a conscious bid to rid their computers of the dastardly April Fool's Day Conficker virus, some people may have unwittingly installed it.

The Conficker C Internet worm is a malicious computer virus that burrows into your hard drive--and was due to begin hatching its nefarious plans Tuesday night at midnight.

The virus was launched in October 2008, and has since infected an estimated 12 million Windows-based PCs via unreliable websites and downloads.

As the virus moves into its second phase today, it gives an outside user control of the hijacked machine, and there is fear your private information could be stolen.

Only six per cent of all infected computers are in North America, researchers at IBM's Internet Security Systems said Tuesday, while the majority, 45 per cent, exist in Asia. But with so much interest in Conficker in the western world, its creators have found a new viral marketing campaign to keep it alive.

Software security vendor Symantec, publishers of the popular Norton Antivirus, released a report Tuesday that says people were more susceptible to download a copy of the virus simply by searching for "Conficker" in Google. The search brings up 3.2 million mentions of the worm on the Internet, some of them hoax websites that actually host the virus and infect any users who surf those sites.

"Be careful with the links you follow," the company warned in a news release. "A sincere effort of keeping abreast with the latest security information might contain some unwelcome surprises."

The news doesn't come as a surprise to Stuart Crawford, vice-president of Calgary IT firm Bulletproof Infotech.

"The Internet is a minefield and you have to know where to step," he said. "We'd like to remind people to only rely on trusted sites."

The first real computer virus scare in years has also been attracting a cottage industry of online scam artists, dubious cyber criminals who are selling alleged removal tools for the virus that promise a lot and do nothing. Some even infect the PC with more malware.

"Bad guys will try to take advantage of any crisis, whether it's a natural catastropheor Conficker striking,"said John Aycock, an associate professor in the computer science department at the University of Calgary. "So in that respect, this isn't surprising."

The computers infected with Conficker are scheduled to move into a new phase today, April 1, when the worm will seek new instructions.

What those instructions are has been relatively unknown to leading computer experts. In a worst-case scenario, the worm could take over your machine and steal all your personal data. On the other hand, optimists say this could all be one of the most elaborate April Fool's Day hoaxes ever.

"We don't know what those instructions are, and in all likelihood, nothing is going to happen,"Aycock said.

The worm, one that's been difficult to identify and remove, has been one of the most sophisticated and potentially dangerous that many in the information security business have faced. It exploits weaknesses in the Windows operating system and conceals itself on a hard drive, laying dormant until midnight this morning, when it was expected to search out its originator and seek further instructions.

To hide its tracks and protect its creators, the virus generates a list of tens of thousands of URLs or domain names, any one of which could be its central command centre. Until it is dismantled, Conficker will generate 50,000 brand new URLs a day and will search for 500 of those names on a daily basis, according to security vendor Websense Inc.

Apple Macintosh and Linux users aren't affected, since Conficker only attacks PCs running Windows. Unfortunately, that means nine out of every 10 computers in the world could be a carrier.

"This was designed to hit as many people as it possibly could,"Crawford said.

The virus is most likely to strike the untold thousands, millions perhaps, that are running pirated versions of Windows on their machines.Because they acquired the software illicitly, they are unlikely to update it through Microsoft's official patches.

"If you don't have an official copy of Windows or you're unable to update, you're potentially at risk," Aycock said. "But if you're running antivirus software, it should be able to spot Conficker now."

Most commercial antivirus software firms have released updates to combat Conficker, and the U. S. Department of Homeland Security has made a free removal tool available on its website.

If you fear your computer is hosting theConficker C virus, Crawford suggested trying to navigate to popular antivirus sites such as and McAfee. com. The newest versions of Conficker disable your ability to log onto these sites. If you're unable to visit these sites, you're ad-vised to take your computer to an IT expert as soon as possible.

Microsoft Corp is offering a $250,000 reward for information leading to the capture and conviction of Conficker's creators, though the culprits behind these types of cybercrimes are rarely found.

"The grim reality is that catching the bad guys behind this, unless they make a massive slip-up, is next to zero," Aycock said. "They could be anywhere in the world."

It's also likely that Conficker's creators have been scared off by all the media attention they've garnered, the professor said, at least for now.

"It's entirely possible that the bad guys don't really know what to do with all this firepower they've amassed,"he said. "But these are people who have a high level of technical skill and a fair bit of motivation, so it may be likely that Conficker won't be the last we'll hear from them."

As for the Conficker worm itself, it likely isn't going anywhere. Aycock said given the history of computer viruses, it's more likely that Microsoft will have to learn to work around it rather than disable it altogether.

In Entertainment news, here's some old April Fools' jokes made by various TV stations:

No comments:

Post a Comment

Comments containing links will be marked as spam and not approved. We moderate every comment. If you want to advertise on this blog it is $30 per link.

Affordable Website Design & SEO

Looking for a quality professional website designer? Why not go where the smart money is?! Toronto Website Design and Toronto SEO. Get free SEO advice from people who really know the business.

Featured Posts

The Sarcasm Symbol
Ever had some confusion online or with your cellphone when someone fails to catch the sarcasm? Well now with the SarcMark you can ge...
Behold, the Scorpion Hydrogen Supercar
CARS - To the right is the future of supercars... it is a hydrogen supercar called the Scorpion. The Scorpion from Ronn Motors in Texas is t...
Documents show Stephen Harper misusing public funds
CANADA - According to 950+ pages of documents obtained by the Canadian Press under the Access to Information Act the Privy Coun...
Pink's Rosie the Riveter
ENTERTAINMENT - What I like about this video is how it meshes different social movements like feminism, veganism, anti-capitalism...
California's Dustbowl
ENVIRONMENT - The photo on the right is a farm in California that has been put up for sale. Its just one of thousands of farms that are n...
Is Steampunk the New Goth???
GOTHIC - Watch out what you see on the subway late at night because while in 2001 you might have seen some pretty freakish goths, by 20...
Do you have enough Ice Water in your diet?
HEALTH - A Calorie (large C) is a measurement of the amount of energy needed to raise the temperature of a litre of water (1 kg's worth) ...
North Korean timeline towards Inevitable War
POLITICS - The following is timeline of events that have occurred on the Korean Peninsula. 1945 - Japan surrenders to the United States a...
Judgment Day is Tomorrow, so sayeth Cult
RELIGION - According to a cult based in California, Judgement Day is tomorrow (May 21st 2011) and Jesus Christ will return to the Earth a...
Sex in Space Forbidden
SEX/TECHNOLOGY - Sex in outer space is a big no-no according to NASA. Not for professional astronauts at least, but the growing numb...

Popular Posts