It ’s footle in millions of PCs around the world . It ’s incredibly sophisticated and resilient , with build - in p2p and digital code - sign language technology . It revels in killing security computer software . On April 1 , the Conficker worm will activate .
The scariest thing about the Conficker worm is that literally jillion of taint Windows personal computer could be colligate together to do its bidding . The 2nd scariest affair is that no one really knows what its creator is going to do with this virtual US Army on April 1 , when it ’s schedule to contact a server for instructions . It ’s so bad , Microsoft hasa running $ 250,000 bountyfor the author , dead or alive . ( Well , they probably need him alert , but they detest his grit . )
TheNew York Times ’ John Markoff polish up upsome of the more ingeniously evil hypothesis in a compelling clause , the most sinister being a “ Dark Google , ” postulated by University of California at San Diego researcher Stefan Savage , that would let uncollectible multitude scour zombie machine all around the world for data point to sell to other bad citizenry .
But let ’s back up a piece . Conficker — whose unearthly name is a combination of “ configuration ” and a slightly more cultivated word for f***er , according to Urban Dictionary — in reality start life as a lowly , “ not very successful ” worm in November , says Vincent Weafer , VP at Symantec Security Response . Weafer told us it exploited a Microsoft remote host vulnerability that had already been announced and patched the old calendar month , so the only organisation that were vulnerable were the ones that were n’t up to day of the month .
The B release , pushed in December , on the other manus , was “ wildly successful , ” say Weafer , infect millions of unpatched computers because it ’s an strong-growing little dickhead — the first worm in year on a shell like Blaster . It has build - in p2p capabilities , and brutish forces its way into open shared folders or printer , so it can crawl an government agency web quickly . It also piggybacks onto USB flash and hard drives . On top of all that , it ’s design to be fabulously resilient , killing certificate software , incapacitate Windows Update , and apprehend down recondite .
The C release came out this retiring month . It does n’t go after new machines — it ’s actually a payload for computers already infect with B. It transform Conficker from a sneeze pandemic into a earnestly nasty plague . With C , its p2p powers are extend further , with digital computer code - signing , so it only accepts trusted code update from itself . That means security expert ca n’t plainly inject computer code to neutralize it . The patch also made Conficker better at killing security department software . And it spread out the scope of the domains it assay to reach for instructions from 250 to 50,000 , altogether neutralizing security measure experts ’ previous maneuver of seize the domains . There ’s efficaciously no way to the stinger the head off of this fiend ophidian . The stage is set : On April 1 , Conficker will extend to out for the meg - strong zombienet ’s next set of instructions .
So what will come about ? Well , no one have a go at it for sure . Conficker ’s Divine can do whatever he wants with his army . Launch monolithic denial - of - service blast , setup the “ Dark Google ” consortium , target millions of newfangled machines , or generate a tidal wave of junk e-mail that ’ll crash against server all over the world .
Most likely though , Weafer told us , Conficker ’s Maker is motivated by money — they’ll lease it out . And if Conficker ’s used as a massive doomsday dick , they ’ll “ quickly lose the power to make money ” with it . A grim primal operation harnessing the business leader of computer that are principally located in educate Carry Nation may not have a big impact , though it would sure enough prepare a frightful precedent : Whatever Conficker ’s results , they will direct others to develop this idea in direful new directions .
Conficker ’s forward-looking approach that utilizes p2p , code - signing and a spread domain setup will very maybe serve as brainchild to other malware writers , who Weafer said “ you’re able to bet ” are watching Conficker ’s success very closely , just as Conficker ’s God Almighty have clearly learned from past malware . It ’s like evil unresolved rootage .
That does n’t mean April 1 will be a “ digital Pearl Harbor . ” If your political machine is patched and up to date , theMicrosoft Report ’s Ed Botttells us , you ’ll probably be completely ok . And yes , you’re able to get rid of itif you materialise to be infected . There is an outside prospect Conficker could deform into a massive parallel computer that borders on self - cognizant , come April 1 , but more than potential , the day will come and go without you noticing anything weird , just some redundant junk e-mail in your box seat for some V@ltr3xxx .
Still something you still wanna hump ? transport any questions about worm , V14GRA , or Jason Chen ’s pants to[email protected ] , with “ Giz Explains ” in the subject assembly line .
HackersHacksMicrosoftVirusesWindowsWormWorms
Daily Newsletter
Get the best tech , skill , and acculturation intelligence in your inbox daily .
newsworthiness from the future , delivered to your present .
You May Also Like
