Time and again I have written and warned about Conficker. The latest being Conficker.c, popularly known as April Fool Virus. After April 1st, security agencies did not see the worm spreading and causing havoc as expected. But the fact is – “Conficker is alive and kicking”.
And now, deadlier than ever
Why deadlier? Because it now has a business model associated with it. It has started to update itself via a peer-to-peer network between the infected machines, after downloading its payload from a server in South Korea. So the infected PCs act like zombies to the owners of the worm who now has almost the complete control over the infected PCs. There is no information on the actual number of PCs affected with this worm, but is estimated to be somewhere between 10 million to 15 million.
The earlier versions of Conficker were known to just block the infected machines from accessing the servers of most antivirus companies and Microsoft Update server. The new variant also does the same but has gone further by blocking sites which offers tools to remove Conficker.
The hackers have supposedly set a deadline of May 3 for the Conficker worm to delete itself from the infected machine, but still it keeps a port open so that the hackers can come back and access the PC if they need to. As per Trend Micro & Symantec, Conficker downloads a version of Waledoc malware which is one of the most active spam-bots around. This indicates that the creators of Conficker might be the same ones as Waledoc.
Secure yourself or Fix Conficker worm
If you are someone who constantly or automatically updates Microsoft Windows patches, most certainly you will be safe from Conficker worm. But still I would suggest you to carry out few simple test to be sure.
1. Fastest Way to Check if you are Infected by Conficker Worm
2. Conficker Infection Detector
If unfortunately the above tests indicate that you are infected head over to this post on tools to fix conficker / downadup worm, which I had written a month back and see if any one of the tools can detect and remove the worm. I have updated the post with some latest tools, so make sure you try them all once.
Raju PP is the founder-editor of Technically Personal, which is one of the most widely read technology blogs on the web. He holds an Engineering degree in Electronics & Communication, and has previously worked as a Technical Specialist in Banking Software domain.
Where’s your source bro?
If this is true, then it is pretty scarier that before.
macobexs last blog post..AlienGUIse : Theme Manager – Pimp Your Desktop Theme.
Try to find quickly what is the area infected so that further any more PC’s do not get infected.