Will your PC be hijacked on April 1?

They aren't real Borg - that's a convention with homemade costumes!

[anna]

Microsoft on Thursday said it is offering a $250,000 reward for information that leads to the arrest and conviction of whoever is responsible for creating the Conficker Internet worm that has infected millions of PCs.

Microsoft said it is offering the reward because the worm constitutes a "criminal attack" and offering compensation should hasten prosecution. Residents of any country are eligible for the reward and should contact their international law enforcement authorities, the company said in a statement.

Microsoft also announced that it has partnered with security companies, domain name providers, and others on a coordinated global response to the worm, also known as Downadup. Participating are: the Internet Corporation for Assigned Names and Numbers (ICANN), VeriSign, NeuStar, CNNIC, Afilias, Public Internet Registry, Global Domains International, M1D Global, AOL, Symantec, F-Secure, ISC, Georgia Tech, the Shadowserver Foundation, Arbor Networks, and Support Intelligence.

The worm, which has been around since last year, spreads through a hole in Windows systems, exploiting a vulnerability that Microsoft patched in October.

It also spreads via removable storage devices like USB drives, and network shares by guessing passwords and usernames, which is "causing it to spread like wild fire in the enterprise," Jose Nazario, manager of security research for Arbor Networks, wrote on a company blog.

Coalition members have been trying to thwart the efforts of Conficker by pre-registering and locking up the domain names being used by the worm to distribute updates.

"The worm seeks to update itself by using a long list of pseudo-randomly generated domain names to contact over HTTP and then grab new code," Nazario wrote. "The algorithm for this domain name generation scheme has been cracked (by F-Secure and others) and has been used to pre-compute the names for pre-registration to prevent hostile parties from using this update feature. This has been facilitated - greatly facilitated - by ICANN, TLD operators, and various registrars working together with Microsoft and others to identify the names and grab the ones they need to. These records can then be pointed at sinkholes to discover Conficker-infected hosts checking in."

Over the past five days, Symantec has observed an average of 453,436 IP addresses infected per day with W32.Downadup.A and 1.7 million IP addresses infected per day with W32.Downadup.B, the company said in a blog posting.

"W32.Downadup is the first successful worm to target a vulnerability in a remote service since W32.Sasser in 2004, and in doing so it has shown that the Internet is still a successful breeding ground for worms," Symantec said.

Infected machines, of which there could be as many as 12 million according to a guesstimate by Arbor Networks, could be used to launch distributed denial-of-service attacks on Web sites or seed a new worm, according to Symantec.

Quote:

Originally Posted by anna

April fools joke

Not this time, sorry.

It is real, however all that will happen tomorrow is the virus will start to look for updates from its creators, who can from that point decide what they want to do with the millions of machines. They could for example sell them to spammers, or people who want to take websites down, etc. However, this doesn't mean it will happen tomorrow, it can happen at any point from tomorrow onwards.

Having read the technical paper on it, its a bloody clever bit of programming. I doubt it will be easily defeatable, as everything is encrypted, and checked against signed keys (this makes sure an update has come from the virus writers themselves).

However, there are some programs you can download to check your system and remove it, however conficker actively looks for these and stops them running. But Microsoft's one is here.

It's evil, its nasty and could potentially cause a lot of damage. However having said that, from a technical point of view its a work of Genius and very cleverly constructed, and if I were into writing virus' I would likely do some things a similar way. 9.5/10 for design.

Dan

[fizzwheel]

As long as your machine is patched with Microsofts latest set of patches and your anti-virus is working and has an up to date patch, then from I've just spent the last 5 minutes reading you'll probably be OK.

theres some proper info here...

http://vil.nai.com/vil/content/v_153464.htm

Have a look at the second tab in this page called, "Encyclopedia"

Then check to see if your password is in that list:

http://www.microsoft.com/security/po...32/Conficker.B

Who actually makes viruses, and for what purpose?

[fizzwheel]

Bored students, ex employee's with a grudge, you name them they'll have written one.

Aims are normally to steal your password, bank details etc etc or just to reek havoc with a system. This is probably worth a read if you dont know much about them, why and what they can do.

http://en.wikipedia.org/wiki/Computer_virus

Dan, never a truer word spoken. A very very good work indeed. Just a shame that such a talent would act uncontrolled & screw themselves over for it.

You've got to love the scare stories though. For a second I thought it was New Years Eve 1999 again!!

[SoulKiss]

Quote:

Originally Posted by jamesterror

Fedora & Vista here

So not a proper operating system then..........