Beware of PC worm
-
A GOVERNMENT information security watchdog has issued a warning for people to take precautions against a fast-mutating malicious computer program, which is poised to strike on Wednesday.
In a bulletin sent out yesterday, the Singapore Computer Emergency Response Team (SingCert) warned that the latest variant of the Conficker worm, known as Conficker.C, may 'become active on April 1'.
SingCert, a unit of technology sector regulator Infocomm Development Authority, identifies information security threats and coordinates computer security responses to events like hacking attacks.
Conficker targets computers running Microsoft Windows software, automatically jumping from one computer to another over a local network or by hitching a ride on portable storage devices like USB drives. Only computers that have not been updated with new security signatures are vulnerable.
The worm is one of the more sophisticated programs developed to date. Earlier versions of such programs were easily found and removed, but Conficker's creator regularly comes up with improved versions of the worm to foil efforts to remove it. The creator remains at large despite a US$250,000 ($377,000) bounty put up by Microsoft.
The newest variant, Conficker.C, the fourth generation of the worm since it was first discovered late last year, disables security features like Microsoft Windows' automatic update.
One of Conficker's key features is its ability to call up a 'master computer' via the Internet for directions. This feature is present in an improved form in its latest variant. And tomorrow, Conficker.C infected computers will do just that, SingCert warned, although 'the exact nature of the activity that will occur...is not known at this time'.
Mr Paul Ducklin, security company Sophos' Asia-Pacific head of technology, said that while it is possible 'nothing will happen (tomorrow), it is also possible that something will happen and you'd wish you did something about it today'. And even if nothing happens tomorrow, he added, it does not mean that Conficker cannot strike on May 1 and is instructed to, say, erase your computer.
Since its release, Conficker has claimed more than 10 million victims worldwide, including computers used by the British Parliament.
For instructions on how to check if your computer is infected and how to remove the worm, visit SingCert's website at www.singcert.org.sg
--ST
-
Yeh yeh....Wanted to post about this. But too late. Anyway Why must it be tomorrow + how they know? And what damages do they do.
-
New homeland security tool to detect Conficker worm
WASHINGTON (AFP) - - The US Department of Homeland Security released a tool on Monday to detect whether a computer is infected by the Conficker worm.
The department, in a statement, said the detection tool for the Conficker worm, also known as DownAdUP, had been developed by the US Computer Emergency Readiness Team (US-CERT).
"While tools have existed for individual users, this is the only free tool -- and the most comprehensive one -- available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm," said US-CERT director Mischel Kwon.
"Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation's critical networks and systems, both from this threat and all others," he added.
The worm is suspected to have infected million of computers running the Windows operating system and Windows maker Microsoft has offered a 250,000 dollar bounty for those responsible for the worm.
US-CERT recommended that Windows users apply Microsoft security patch MS08-067 to help provide protection against the worm.
The patch is designed to prevent an attacker from remotely taking control of an infected computer system and installing additional malicious software.
Malware could be triggered to steal data, generate spam attacks or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.
The worm is programmed to modify itself on Wednesday, April Fool's Day, according to computer security specialists.
Conficker had been programmed to reach out to 250 websites daily to download commands from its masters, they said, but on Wednesday it will begin connecting with 50,000 websites daily for instructions.
The hackers behind the worm have yet to give it any specific orders.
"That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions," Steve Trilling, vice president of security firm Symantec, told the CBS program "60 Minutes" in a story aired on Sunday.
--AFP
-
meh...I mean some of this virus are capable to do what they want now. But why is this particular virus so SPECIAL
-
I think this worm sorta attack alot of students lappy .. Quite jialat and the attack was pretty much successful ..
-
lawl the damages?
-
i updated my bitdefender today. is that enough?
-
Originally posted by PWNED32:
meh...I mean some of this virus are capable to do what they want now. But why is this particular virus so SPECIAL
they want everyone to get the patch lo... maybe that patch contains something... -
so how? what should i do. i am at honeywell website
-
no worry i havent come up with a improved error yet..
-
Originally posted by PWNED32:
lawl the damages?
Damages ah? Ask microsoft.
-
http://en.wikipedia.org/wiki/Conficker
-
they say the damages is that your computer can become part of a zombie bot lor, because the attacker has access to it.
i only don't udnerstand about generating domain names.
anyone can explain?
i just did a major scanning yesterday. but no malicious codes found.
-
I know about those zombie thing but then not that serious mah. Not like it spike your pc or something
-
I might be potentially harmful. It was a long time since i scanned my computer 
-
wow pillow wt?