
Conficker Strikes – Most Advanced Virus Yet?

Come midnight tonight, the Conficker Virus is set to detonate. Directly from Yahoo News:

What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type — passwords, credit card numbers, etc. — and send that information back to its masters?

No one knows, but we’ll probably find out soon.

This baby is packing a punch. Conficker is a really sophisticated virus. Typical viruses tend to have a list of specific static directives. When a PC is infected with Conficker, however, the worm saves a copy of itself in DLL form under a random filename in the Windows system folder, then arranges to load itself at every boot as a system service with a randomly generated name.

Don’t worry, Mac and Linux users: you should be fine. In fact, it looks like Microsoft dropped the ball and left a previously patched vulnerability in the Windows Server service used by Windows 2000, Windows XP, Windows Vista, Windows Server 2003, Windows Server 2008, Windows 7 Beta, and Windows Server 2008 R2 Beta, all of which are susceptible to the big bad worm.

We’ve heard of Conficker before (also called Downup, Downadup and Kido). The new kid on the block, Conficker.C, will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there’s no way to shut down all of them. If just one of those sites goes live with legitimate commands, Conficker continues its path of destruction.
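The rendezvous behaviour described above leaves a trace at the DNS resolver: one client looking up many distinct, random-looking names that mostly do not exist. The sketch below is an added example, not part of the original post; the log format (`client qname rcode`), the thresholds and the sample data are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter, defaultdict

def label_entropy(label):
    """Shannon entropy (bits/char) of a DNS label; random names score high."""
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def summarize(log_lines):
    """Per client: (distinct names queried, NXDOMAIN share, mean label entropy)."""
    names, nx = defaultdict(set), defaultdict(set)
    for line in log_lines:
        client, qname, rcode = line.split()
        qname = qname.lower().rstrip(".")
        names[client].add(qname)
        if rcode == "NXDOMAIN":
            nx[client].add(qname)
    stats = {}
    for client, qs in names.items():
        ent = sum(label_entropy(q.split(".")[0]) for q in qs) / len(qs)
        stats[client] = (len(qs), len(nx[client]) / len(qs), ent)
    return stats

def suspects(log_lines, min_names=50, min_nx=0.8, min_entropy=2.5):
    """Clients matching all three heuristics. Thresholds are illustrative assumptions."""
    return sorted(c for c, (n, r, e) in summarize(log_lines).items()
                  if n >= min_names and r >= min_nx and e >= min_entropy)

def constructed_log():
    """Constructed sample data: not real traffic and not real Conficker domains."""
    rng = random.Random(1)
    lines = []
    for _ in range(200):  # one client cycling through random names that do not resolve
        name = "".join(rng.choice("abcdefghijklmnopqrstuvwxyz") for _ in range(9))
        lines.append(f"10.0.0.23 {name}.example NXDOMAIN")
    for host in ["www", "mail", "updates", "intranet"] * 20:  # ordinary client
        lines.append(f"10.0.0.7 {host}.corp.example NOERROR")
    lines.append("10.0.0.7 typo-domian.example NXDOMAIN")  # a single typo is not a signal
    return lines

if __name__ == "__main__":
    log = constructed_log()
    for client, (n, r, e) in sorted(summarize(log).items()):
        print(f"{client}: names={n} nx_ratio={r:.2f} entropy={e:.2f}")
    print("suspects:", suspects(log))
```

Requiring all three signals together keeps a client with one mistyped lookup, or one that simply browses a lot, off the list.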

Protecting Yourself
Since we’re all smart cookies, I don’t have to tell you that turning off your computer for April 1 won’t work. Nor will changing the clock setting within your calendar. “Authorities” say a good way to prevent the attack is to make sure your version of Windows is fully updated and patched via Windows Updater Tool, along with having a good firewall.

The problem is, if Conficker’s already on your machine, it may bypass certain subsystems, and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss, most will tell you to boot into Safe Mode, then do an offline scan. I would tell you to run off an Ubuntu Live CD and scan your computer for the virus that way, but that’s just me.

If you only run Windows, whether you’d rather put your head between your knees and kiss your arse goodbye or fight it tooth and nail, one thing is for sure — this virus is real and it’s powerful.


  • Tong Zhi

    Now that it’s all said and done, this one is like the Michelangelo of its time (grossly hyped and ultimately harmless) and it is tiny compared to what came next (Stuxnet, Duqu, Flame…).