First*Light Special - Conflicker - 2009/04/01 14:19
(Show notes for Mornings on WNMC today....)
"Conflicker" is the latest computer virus to make headlines, and this little critter has computer security experts worried!
The virus hides on its host computer, waiting and hiding until today (April 1st, and I'm sorry to say that this is NOT an April Fools joke).
Perhaps most worrisome? We don't know what the virus will do when it wakes up today! The best guess is that Conflicker will will attampt to initiate a massive financial scam.
Conflicker has spread aggressively around the world since October, and has infected an estimated 15 MILLION computers. (By the way, Conflicker infects Windows PC's only - Mac computers are not affected; time to buy a Mac?) The virus has been morphing, making it difficult to detect and remove from some computers. The program's creator(s) have incorporated encryption routines to hide Conflicker's ultimate intent.
Computer security experts have attempted to cobble together a global response, hoping to head off the virus' payload. Part of the challenge? Experts don't know what Conflicker will do when activated - the virus will "call home" and get its instructions sometime today.
While the virus' author(s) are unknown, Conflicker shows similarities to previous botnet attacks created by the Russian mafia.
Your best defense is to keep Windows and your anti-virus software up to date. Nicole Miller, a Microsoft spokesperson, said "All we are saying is 'patch and clean, patch and clean.' " Microsoft has offered a $250,000 reward for information leading to the arrest of Conflicker's creator. (http://news.prnewswire.com/DisplayReleaseContent.aspx?ACCT=104&STORY=/www/story/02-12-2009/0004971471&EDATE=)
What should you do? Computer users should update their antivirus and other security software, and apply the Microsoft patch (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx).
Windows users should also apply a Microsoft update for the AutoRun feature in Windows that was released in February. The patch allows people to selectively disable the Autorun functionality for drives on a system or network to provide more security, to ensure that it is truly disabled. In addition to putting USB drive users at risk of Conficker and other viruses, the Autorun functionality has been blamed for infections from digital photo frames and other storage types. (http://www.microsoft.com/technet/security/advisory/967940.mspx)
Panda also has released a free "vaccine" tool for blocking viruses that spread through USB drives. (http://www.pandasecurity.com/usa/homeusers/downloads/usbvaccine/)
Microsoft has a Conficker removal tool. (http://support.microsoft.com/kb/962007)
More botnet information and removal resources are on the Shadowserver Web site. (http://www.shadowserver.org/wiki/pmwiki.php?n=Main.HomePage)
The administrator has disabled public write access.
Michael Foerster
Expert Boarder
Re:First*Light Special - Conflicker - 2009/11/09 00:03UPDATE: CONFICKER INFECTIONS SURPASS 7 MILLION
Despite widespread media coverage earlier this year, Conficker continues to grow. Researchers say that the worm has infected more than seven million computers worldwide. It is believed that many of the infected machines are running counterfeit copies of Windows. These machines are unable to download Microsoft's tools to remove the infection.
The criminals who control Conficker could do serious damage. They could launch massive denial-of-service attacks, for example. But, the infected machines haven't been used to do much. The reason for this is unknown. However, the criminals probably don't want to call attention to themselves.
The advice stays the same; get an anti-virus program, such as McAffe or Symantic, and keep Windows updated. Or (mild gloat) get a Mac.
~Michael
The administrator has disabled public write access.
