I would never want to be labeled as an “Alarmist’ but I hope my post today will make some folks take some reasonable steps to protect themselves. After a lot of research and debate I have been convinced that April 1st is not going to be a good day for the Internet.
I’ve written about the Conficker worm (alias Downadup) a number of times and this may not be the last time I mention it. There are well over a million Windows PC’s which are currently infected with Conficker. On April 1st the infected machines will be reaching out to number of web domains to download an additional component which will contain new instructions. How Conficker will mutate is anyones guess. It could be anything from turning a machine into a spam-bot or launching a widespread cyberterror attack. My guess it will be something designed to make money.
Reverse engineering Conficker exposes April 1st
Complements of Zarestel Ferrer
April 1st will be a day that shows us who's winning the battle against malware. If your machine doesn't already have all the Windows security patches installed ,I'd unplug from the Internet on April Fools Day. Getting a new computer? If a new un-patched computer arrives on that day I'd wait until the 2nd before connecting it to the Internet.
So, if you’ve been planning on running the Windows Update service, this would be a good week to do it. If you don’t have a routine back-up plan you might want to back up your important data by the end of the month.
I’m really not trying to be Chicken Little and freak people out. I’m not predicting any kind of global outage. I’m just suggesting that a properly patched Window system is good idea. I’m also not trying to scare you into upgrading to my WinPatrol PLUS to protect yourself. The free version offers just as much protection against this threat. The key point here is to make sure you have all the security patches available for free from Microsoft.
I’m actually flying to Washington Dulles Airport on April 1st so I really hope that United Airlines has all their systems protected.
Update: Real Conficker Danger is on March 31st
It's important to point out that April 1st begins earlier in other parts of the world. We'll be watching for activity to begin on March 31st from Austrailia, China, Japan, etc...
Update 3/29: Conficker Fact or Fiction
References:
SRI International Conficker C Analysis March 19th, 2009
CA Security Research Blog
Internet Storm Center: Third party info on conficker
Microsoft: Virus alert about the Win32/Conficker.B worm
Microsoft’s Malicious Software Removal Tool
Microsoft Security Bulletin MS08–067 October 23rd, 2008
F-Secure WebLog Conficker Q&A March 26,2009
Leaked Memo says Conficker Pwns Parliament
0 comments:
Post a Comment