The latest variant of the worm, Conficker.C, is programmed to do something on April 1. But what exactly will happen? The most scary thing about it is, no one can say for sure. The “A” and especially “B” variants of this worm (also known as Downadup) have built a botnet estimated at several million PCs, almost exclusively through exploitation of the MS08-067 vulnerability in Windows. Last time around, Conficker added some innovative techniques to update itself though a large number of domains, the names of which were algorithmically generated by the program. Microsoft, as usual tried the trick of offering bounty to know about the creators of this deadly worm. But nothing worked.
Now, the latest variant, Conficker.c worm adds a number of defensive measures designed to protect itself from detection and removal and it charges up the number of domains it can check for updates. The more detailed post about Conficker.c worm can be found here.
It is supposed to disable Windows Automatic Updates and the Windows Security Center. Some security experts such as Eset are urging you to back up in advance of April 1 and to make sure that your security software is working properly. I had shared the Tools available to detect and fix Conficker worm. But none of these security vendors promise that these tools can surely detect and fix all the variants of the Conficker worm. Come April 1st, the worm will start contacting the 50,000 domains and download something. What will they download? What will it make the bots do? Honestly, nobody knows. This is the great mystery.
Is Conficker.C just an April Fool Joke?
Some people are still thinking that it might just be an April fool prank. But let me tell you, it is more a wish than anything else. But really, what is the purpose of Conficker, which could possibly become the world’s most powerful parallel computer on April 1? Speculation about Conficker’s purpose ranges from the benign — an April Fool’s Day prank — to far darker notions.
NYTimes thinks -
One likely possibility is that the program will be used in the “rent-a-computer-crook” business, something that has been tried previously by the computer underground. Just like Amazon.com offers computing time on its network for rent, the Conficker team might rent access to its “network” for nefarious purposes like spamming.
That is really scary. But the best tips I can give you at this point of time are-
- Be aware of the Conficker worm and do NOT under-estimate it.
- Before April 1st make sure your Windows security updates are up-to-date, and so your anti-virus updates.
- Beware of any new websites you will be visiting.
- Avoid downloading anything that day.
- And do not forget to follow and keep track of the latest updates about Downadup worm here on TechPP.
Reference: PC World
Image Credits: TopNews