Friday, March 27, 2009

Beware April Fools Worm

A Hooters girl told me her job in military Intelligence with the United States Air Force in Germany was writing code to manufacture computer viruses. All day, every day. Not to defeat viruses. Not anti-virus software. SPREADING viruses...

Experts Warn New "Worm" Set To Infect, Control Millions Of PCs On April 1

Conficker C can generate up to 50,000 domains, 500 of which are contacted at random each day to receive updated copies of the worm, other malware, or instructions.
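What the 500-of-50,000 figures mean for defenders who sinkhole some of those domains to count infected hosts, as an added example that is not part of the original post. It assumes each host draws its 500 domains uniformly without repeats and independently each day; the function names are hypothetical.

```python
from math import ceil, comb, log

POOL = 50_000   # size of the generated domain pool (figure from the post)
SAMPLE = 500    # domains each infected host contacts per day (figure from the post)


def p_contact(k, pool=POOL, sample=SAMPLE):
    """Chance that one host's daily sample includes at least one of k sinkholed domains.

    Assumption: the host draws `sample` distinct domains uniformly from the pool,
    so the number of hits follows a hypergeometric distribution.
    """
    if not 0 <= k <= pool:
        raise ValueError("k must be between 0 and the pool size")
    return 1 - comb(pool - k, sample) / comb(pool, sample)


def days_to_reach(k, target, pool=POOL, sample=SAMPLE):
    """Days until a host has hit a sinkholed domain with probability >= target.

    Assumption: each day's sample is independent of the previous days'.
    """
    if not 0 < target < 1:
        raise ValueError("target must be strictly between 0 and 1")
    p = p_contact(k, pool, sample)
    if p == 0:
        raise ValueError("no sinkholed domains, so the host is never seen")
    if p == 1:
        return 1
    return ceil(log(1 - target) / log(1 - p))


def domains_needed(target, pool=POOL, sample=SAMPLE):
    """Smallest k giving a same-day contact probability >= target (binary search)."""
    lo, hi = 0, pool
    while lo < hi:
        mid = (lo + hi) // 2
        if p_contact(mid, pool, sample) >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo


if __name__ == "__main__":
    print(f"1 sinkholed domain: {p_contact(1):.2%} of hosts seen per day")
    print(f"days for a 50% chance of seeing a given host: {days_to_reach(1, 0.5)}")
    print(f"domains to sinkhole for 50% same-day coverage: {domains_needed(0.5)}")
```

Under these assumptions a single sinkholed domain sees about 1% of infected hosts per day, which is why measuring or blocking the worm's update channel requires covering a large share of the pool.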

As of February 13, 2009, Microsoft is offering a $250,000 USD REWARD for information leading to the arrest and conviction of the criminals behind the creation and/or distribution of Conficker.

System network gets unusually congested. This can be checked with the network traffic chart in Windows Task Manager. Panda Security reported that of the 2 million computers analyzed through ActiveScan, around 115,000 (6%) were infected with this malware. The potential scale of infection is large because 30 percent of Windows computers do not have the Microsoft Windows patch released in October 2008 to block this vulnerability. The U.K. Ministry of Defence reported that some of its major systems and desktops were infected. The worm has spread across administrative offices, NavyStar/N* desktops aboard various Royal Navy warships and Royal Navy submarines, and hospitals across the city of Sheffield reported infection of over 800 computers. On February 1, 2009, schools in the town of Rochdale, England were infected. The virus spread to 13 schools estimated to have infected 7,500 computers. On February 6, 2009, the computers used by the Houston Municipal Courts were infected with Conficker. How the virus got into the system is unknown. On March 27, 2009, the British Director of Parliamentary ICT released a (leaked) memo stating that the House of Commons computer network has been infected with the virus and called for all people who have access to the network to use caution and to not connect any unauthorized equipment to the network. On 15 October 2008 Microsoft released a patch (MS08-067) to fix the vulnerability.[31] Removal tools are available from Microsoft,[32] BitDefender,[33] ESET, Symantec,[34] Sophos,[35] and Kaspersky Lab,[36] while McAfee and AVG can remove it with an on-demand scan.
-Wikipedia, Conficker C

Might be a good day to get out of the house...
