Sponsor for PC Pals Forum

Author Topic: Conficker to activate on 1 April  (Read 2640 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Conficker to activate on 1 April
« on: March 24, 2009, 16:49 »
Prepare for a nasty shock on April Fool's day, security experts have warned.

That's because the Conficker worm, otherwise known as Downadup, is set to activate on 1 April.

A variant of the worm known as Conficker C is the focus of security experts' attention and is thought to have infected millions of PCs worldwide without the knowledge of their owners.

What is not clear is what exactly will happen.

Predictions range from a massive DDoS (distributed denial-of-service) attack on a major website or social network to a widespread wiping of hard disks on the PCs it has infected.

However, it could be far less serious.

"Speculation continues on whether the payload will be one big April Fool's joke, or the equivalent of a cyber Pearl Harbor," said Symantec's Eric Chien.

"While we can't predict the future with certainty, we can look at the motivations of past Downadup variants to postulate that the payload will likely be something between the two extremes," Chien continued.

According to Symantec, the amount of media attention Conficker C is receiving could affect what happens on 1 April.

"Considering the amount of eyes now watching Downadup's every move, we also can't underestimate the chance that the authors may veer from their original motives," Chien said.

If you suspect you have been infected by the Conficker worm, you should make sure your anti-virus application is up to date, restart your PC in Safe Mode, and run a full system scan.

Trend Micro has also come up with a free tool to remove Conficker available to anyone, not just Trend Micro customers.


Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #1 on: March 24, 2009, 17:41 »
It would probably be worth running Trend's tool at least daily for the time being.
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #2 on: March 25, 2009, 20:33 »
I couldn't actually find the Trend Micro tool, but F-Secure have one:

http://www.f-secure.com/v-descs/worm_w32_downadup_al.shtml
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline TR

  • Forum Fanatic
  • ******
  • Posts: 7149
Re: Conficker to activate on 1 April
« Reply #3 on: March 26, 2009, 07:22 »
Or this This one  ;)

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #4 on: March 26, 2009, 09:54 »
Thanks Terry, that looks handy too.  :)
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Conficker to activate on 1 April
« Reply #5 on: April 09, 2009, 20:39 »
Conficker sparks into life

The Conficker worm has come to life after several days of inactivity, security experts have said.

It is downloading a mysterious data package that could contain instructions for a widespread attack on the web by Conficker, also known as Downadup.

Trend Micro spotted the data package after setting up a 'honeypot' - a PC that has a variant of the worm installed but is closely monitored by its researchers.

"Last night we saw a new file in the Windows Temp folder. Checking on the file properties reveals that the file was created exactly on 7 April, 2009 at 07:41:21," said Trend Micro's Ivan Macalintal.

Though it isn't clear what exactly the data package does, as it is encrypted, the company said it was able to work out a few things about it.

"It also does not leave a trace of itself in the host machine. It runs and deletes all traces, no files, no registries," Macalintal said.

There is also a theory developing that it could be related to the Waledac botnet.


Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker to activate on 1 April
« Reply #6 on: April 09, 2009, 21:09 »
Researchers say Conficker is all about the money

Quote
The Conficker worm that has infected millions of Windows-based computers will likely be used to send spam and steal data much like one of the nastiest botnets on the Internet does, researchers said on Thursday after finding links between the two worms.

http://news.cnet.com/8301-1009_3-10216205-83.html
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #7 on: April 09, 2009, 21:26 »
I've done several test and all come up clear.  To be honest, this is only going to affect those who have weak security and haven't done their Windows Updates since last October, isn't it?
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker to activate on 1 April
« Reply #8 on: April 09, 2009, 22:14 »
I would have thought so....
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #9 on: April 09, 2009, 22:50 »
So, no one here then.  :)
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline GillE

  • Forum Fanatic
  • ******
  • Posts: 6349
  • Never totally serious
    • Gill's East Lindsey Camera
Re: Conficker to activate on 1 April
« Reply #10 on: April 10, 2009, 00:27 »
Another Millennium Bug?  Let's hope so.
There is no opinion, however absurd, which men will not readily embrace as soon as they can be brought to the conviction that it is readily adopted.

(Schopenhauer, Die Kunst Recht zu Behalten)

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker to activate on 1 April
« Reply #11 on: April 10, 2009, 10:37 »
no it won't affect the date just act like malware.



Actually on the date issue there is a much worse problem than the Y2K problem - Year 2038 problem

Quote
The year 2038 problem (also known as Unix Millennium bug, or Y2K38 by analogy to the Y2K problem, known as the millennium bug) may cause some computer software to fail before or in the year 2038. The problem affects all software and systems that store system time as a signed 32-bit integer, and interpret this number as the number of seconds since 00:00:00 January 1, 1970.[1] The latest time that can be represented this way is 03:14:07 UTC on Tuesday, 19 January 2038. Times beyond this moment will "wrap around" and be stored internally as a negative number, which these systems will interpret as a date in 1901 rather than 2038. This will likely cause problems for users of these systems due to erroneous calculations.

http://en.wikipedia.org/wiki/Year_2038_problem
- sam | @starrydude --

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Conficker to activate on 1 April
« Reply #12 on: April 10, 2009, 10:39 »
I'll be 90 then, Sam, so I'll not worry too much. :)
Slainthe!

Rik

Offline sam

  • Administrator
  • *****
  • Posts: 19977
Re: Conficker to activate on 1 April
« Reply #13 on: April 10, 2009, 12:22 »
yeah but how will you be able to play your vintage mp3s?  :laugh:
- sam | @starrydude --

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Conficker to activate on 1 April
« Reply #14 on: April 10, 2009, 12:22 »
 ;D
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:


Show unread posts since last visit.
Sponsor for PC Pals Forum