Conficker Computer Virus Poses New Threat

The Conficker worm computer virus updated itself late Wednesday, bringing a new threat to the millions of PCs currently infected by it.

The discovery was made by Internet security company Trend Micro, who stated in a press release that the ybercriminals behind the notorious Conficker worm may finally be gearing up for more serious attacks.ԍ

As many as 12 million computers could be infected by the worm. Microsoft is offering a $250,000 bounty for its creator.

The worm can be used to steal data from computers. It can also control infected computers to be used in what is called a otnet.The army of computers in the botnet can then be used by a hacker to launch cyberattacks against anything from Web sites to government computer networks.

Such an attack was launched against the U.S. Pentagon in 2007 by Chinese hackers. The Pentagon was forced to temporarily shut down its network and lost an unknown amount of information.

The activation of the Conficker worm came the same day (Wednesday) as reports of cyber spies infiltrating the U.S. power grid. The Wall Street Journal reported that Chinese and Russian spies were behind it, leaving software in the system that could shut down the U.S. electric grid.

Canadian researchers also discovered late last month the Chinese ԇhostNetԗa spyware system that is being used to monitor and steal documents from 1,295 computers in 103 countries. Among their targets were the Dalai Lama, the media, and hundreds of government and private offices.

Whether the Conficker worm has any connection to the other attacks is yet to be known.

On Oct. 26, 2008, just three days after the discovery of the worm was announced by Microsoft, Chinese hackers created a toolkit that would allow anyone to exploit the system gap. The kit was originally sold for $37.80 but was later made available for free download.

The surprisingly rapid spread of the Conficker worm is attributed to its ability to pass between computers on USB memory sticks. It is also able to invade computer networks. The worm spreads through vulnerabilities in Microsoftӳ operating system, Windowsءlthough an update is now available to repair the vulnerabilities.

The update of the worm was originally suspected to be taking place on April 1. According to Trend Micro the new variant of the worm, known as WORM_DOWNAD.E, runs using a random file name and random service name. It updated itself through P2P communications. The new file was discovered in the Windows Temp folder.

Its effects are yet to be known.

Strangely, according to a BBC report, researchers from the Symantec internet security company said the new update has instructions for the worm to remove virus itself on May 3, 2009, yet a gap in the machine will remain open so that its creators can still control the compromised PC

1 comment:

Cathlin said...

Keeping it running sufficiently.
When I first got my computer I didn’t realize how important having antispyware was to keeping it running sufficiently. However, it didn’t take very long for it to become perfectly clear. If you don’t have a good scan you will have many problems that could be avoided so easily. Search-and-destroy Antispyware is a great option when it comes to scanning for bugs that will help you keep your computer running at its peak efficiency. The antispyware solution from Search-and-destroy which you will find at will help give your PC the protection it needs to keep it in good working condition.

©2009 Antivirus Support | by TNB