Beware Conficker worm come April 1 - SoberRecovery : Alcoholism Drug Addiction Help and Information
Go Back   SoberRecovery : Alcoholism Drug Addiction Help and Information > Social Groups > Café Central
Register Blogs FAQ Members List Calendar Arcade Mark Forums Read




Reply
LinkBack Thread Tools
Old 03-29-2009, 09:22 PM   #1 (permalink)
*~10 YEARS BABY~*
 
Done_With_It's Avatar
 

Join Date: Nov 2005
Location: Hollywood
Posts: 9,354
Blog Entries: 15

Beware Conficker worm come April 1


Beware Conficker worm come April 1

In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.
Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.
Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.
Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.
Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.
At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.
__________________
__________________

Living in fast forward
Hollywood RockStar outta control
Need to rewind real slow
Always Runin
Time to take control

Oh yeah ...



Done_With_It is offline   Reply With Quote
Old 03-29-2009, 09:38 PM   #2 (permalink)
Psalm 118:24
 
CAPTAINZING2000's Avatar
 

Join Date: Nov 2004
Location: ILLINOIS
Posts: 15,143
Blog Entries: 1
thanks for the repost

I had posted it a few days back. It might have gotten buried on the site already
__________________
LIFE IS GOD'S GIFT TO YOU
WHAT YOU DO WITH YOUR LIFE
IS YOUR GIFT TO GOD


J - Jesus first
O - Others next
Y - Yourself last

John 14:6
CAPTAINZING2000 is offline   Reply With Quote
Old 03-31-2009, 02:59 PM   #3 (permalink)
Psalm 118:24
 
CAPTAINZING2000's Avatar
 

Join Date: Nov 2004
Location: ILLINOIS
Posts: 15,143
Blog Entries: 1
Last-minute Conficker survival guide

Tue Mar 31, 2009 1:42PM EDT

See Comments (676)
Buzz up!on *****!

Tomorrow -- April 1 -- is D-Day for Conficker, as whatever nasty payload it's packing is currently set to activate. What happens come midnight is a mystery: Will it turn the millions of infected computers into spam-sending zombie robots? Or will it start capturing everything you type -- passwords, credit card numbers, etc. -- and send that information back to its masters?

No one knows, but we'll probably find out soon.

Or not. As Slate notes, Conficker is scheduled to go "live" on April 1, but whoever's controlling it could choose not to wreak havoc but instead do absolutely nothing, waiting for a time when there's less heat. They can do this because the way Conficker is designed is extremely clever: Rather than containing a list of specific, static instructions, Conficker reaches out to the web to receive updated marching orders via a huge list of websites it creates. Conficker.C -- the latest bad boy -- will start checking 50,000 different semi-randomly-generated sites a day looking for instructions, so there's no way to shut down all of them. If just one of those sites goes live with legitimate instructions, Conficker keeps on trucking.

Conficker's a nasty little worm that takes serious efforts to bypass your security defenses, but you aren't without some tools in your arsenal to protect yourself.

Your first step should be the tools you already have: Windows Update, to make sure your computer is fully patched, and your current antivirus software, to make sure anything that slips through the cracks is caught.

But if Conficker's already on your machine, it may bypass certain subsystems and updating Windows and your antivirus at this point may not work. If you are worried about anything being amiss -- try booting into Safe Mode, which Conficker prevents, to check -- you should run a specialized tool to get rid of Conficker.

Microsoft offers a web-based scanner (note that some users have reported it crashed their machines; I had no trouble with it), so you might try one of these downloadable options instead: Symantec's Conficker (aka Downadup) tool, Trend Micro's Cleanup Engine, or Malwarebytes. Conficker may prevent your machine from accessing any of these websites, so you may have to download these tools from a known non-infected computer if you need them. Follow the instructions given on each site to run them successfully. (Also note: None of these tools should harm your computer if you don't have Conficker.)

As a final safety note, all users -- whether they're worried about an infection or know for sure they're clean -- are also wise to make a full data backup today.

What won't work? Turning your PC off tonight and back on on April 2 will not protect you from the worm (sorry to the dozens of people who wrote me asking if this would do the trick). Temporarily disconnecting your computer from the web won't help if the malware is already on your machine -- it will simply activate once you connect again. Changing the date on your PC will likely have no helpful effect, either. And yes, Macs are immune this time out. Follow the above instructions to detect and remove the worm.
__________________
LIFE IS GOD'S GIFT TO YOU
WHAT YOU DO WITH YOUR LIFE
IS YOUR GIFT TO GOD


J - Jesus first
O - Others next
Y - Yourself last

John 14:6
CAPTAINZING2000 is offline   Reply With Quote
Reply


Currently Active Users Viewing this Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

 



All times are GMT -7. The time now is 04:26 PM.