One of the most sophisticated and dangerous malware applications in the history of computers is set to unleash its fury on April 1, 2009. Conficker C is nasty enough to warrant a $250,000 bounty from Microsoft for any information leading to the identification and prosecution of the worm’s authors.
From the limited research I’ve been able to do, it appears that, on April 1, any computer infected with Conficker C will automatically and immediately come under the control of the worm’s controllers. Little is known as of yet what those individuals intend to do with that control, but the possibilities are nearly endless. The implications could range from simply popping up annoying adware windows to reading your entire computer history (passwords, bank information, etc.) to completely wiping your hard drive.
In my research, I did find that this worm presents itself as a dynamic link library (DLL), which is strictly a Windows entity. Therefore, at this time, the worm is not a threat to Linux or Macintosh computers.
I have not been able to determine yet whether this virus will only affect computers on April 1, or if it will automatically initiate any time the computer is booted into Windows on or after April 1. In other words, are we safe if we simply avoid logging into Windows on that day, or will we get hit the next time we start our computer?
There is, apparently, a “security scan” available on Microsoft’s Web site (it supposedly works only with IE). However, the articles I’ve read seem to indicate that professionals still know very little about the worm and how it works. At this time, there is still not a “cure” for it. Therefore, I am curious just what the safety scan will do.
You can read more about the worm in the following articles. The first is a news story, so it’s written in basically laymen’s terms. The second is an entry from the Wall Street Journal’s LiveMint blog. The third is a technical analysis of the information currently known about the worm, so it is a great deal more difficult to decipher.
- Beware Conficker worm come April 1 – Christopher Null
- Scan your computer for Conficker virus – LiveMint
- An Analysis of Conficker C – SRI International