Sunday, March 29, 2009

Conficker on your computer - update

Conficker is a malicious software program that grabbed global attention when it began spreading late last year and quickly infected millions of computers with software code to convert them into a powerful computer known as a botnet. I have received a few question from friends about what this is and what should they do to combat it.

 

Update: German researchers score Conficker detection breakthrough from ZDNet blogs

Just days ahead of an April 1st activation date for theConficker worm squirming through the Windows operating system, security researchers at the Honeynet Project have scored a major breakthrough, finding a way to fingerprint the malware on infected networks.

Read more

 

In today's ( March29th 2009) Washington Post Rob Pregoraro writes in an article "Combating Conficker"

 

If you've set Windows to install Microsoft security patches automatically and have kept your anti-virus utility current, you should be safe. So if you haven't been downloading those updates, now would be a swell time to start.

On April 1, copies of Conficker may download extra-malicious code -- to do what remains unclear -- so you'd better make sure your PC is clean before then.

The Internet Storm Center, a project of the Bethesda-based SANS Institute, maintains a list of links to Conficker-removal tools from numerous security-software developers (http://isc.sans.org/diary.html?storyid =5860). Since Conficker can stop you from getting to that page and those links, you may need to borrow an uninfected machine to download a removal tool. Some vendors also have set up alternate Web addresses that Conficker doesn't know about; for instance, try http://fsecure.com or http://bdtools.net for free Conficker fixes from F-Secure and BitDefender.

If you are more tech savvy then visit the blog of The Microsoft Security Response Center (MSRC) http://blogs.technet.com/msrc/default.aspx to learn more about Conficker.

Many security experts around the world are coming together to work to combat Conficker. Read Brian Kreb's blog Security Fix also at the Washington Post

Security software maker F-Secure has put together an interesting and entertaining FAQ on Conficker, which I highly recommend that anyone worried about this threat go read. F-Secure also has a free cleaning tool available at that link. Byron Acohido at USA Today has compiled a veryreadable timeline of notable events in Conficker's brief history.

According to http://blog.borgnet.us :

The existence of the botnet has brought together some of the world’s best computer security experts to prevent potential damage. The spread of the malicious software is on a scale that matches the worst of past viruses and worms, like the I Love You virus. Last month, Microsoft (0) announced a $250,000 reward for information leading to the capture of the Conficker author.

Botnets are used to send the vast majority of e-mail spam (0) messages. Spam in turn is the basis for shady commercial promotions including schemes that frequently involve directing unwary users to Web sites that can plant malicious software, or malware, on computers.

Botnets can also be used to distribute other kinds of malware and generate attacks that can take commercial or government Web sites off-line.

One of the largest botnets tracked last year consisted of 1.5 million infected computers that were being used to automate the breaking of “captchas,” the squiggly letter tests that are used to force applicants for Web services to prove they are human.

Post a Comment