Post by Deleted on Apr 1, 2009 17:40:40 GMT -5
(CNN) -- Experts watched warily Wednesday as a worm infecting millions of computers activated itself as predicted on April 1. Computer users will not know that Conficker.c has infected their machine.
However fears the Conficker.c worm would cause chaos have so far proved unfounded, with no reports of major problems. "As long as you've patched or at least brought your antivirus software up to speed, you should be fine," said Chris Pirillo, a tech expert for CNN.com. And there are plenty of anti-virus software packages available. "I believe just about everybody out there," Pirillo said, "has a removal tool." Still, the worm could cause problems, he said. Unlike viruses, worms self propagate, spreading by networks. "Once it's out there, it's very difficult to stop," Pirillo said.
He predicted that "the worst possible outcome" would be that some computers would run "suboptimally," as network traffic becomes clogged. And its ability to do that is cleverly designed: Conficker.c has a feature that disables the Windows update program in the Microsoft product, keeping Windows from becoming patched, Pirillo said. It also disables the auto-update capabilities of many anti-virus software programs. Pirillo said it may be a week or more before the true impact of the worm is known, but he predicted it will have one. "It's going to be very annoying to say the least," he said. "It's going to impact network traffic."
Lawrence Baldwin, the chief forensics officer with mynetwatchman.com, an Internet security site based in Atlanta, said the motivations of Conficker.c designers appear to be different from the those who designed previous worms, which infected millions of computers but had little impact. "Three or four or five years ago, they were plainly trying to prove how smart they were," he said. Now, he said, the designers' motivation appears to be financial. "They can make serious amounts of cash with a variety of means." Still, he predicted, any damage will be limited. "I don't suspect that we're going to have any kind of global meltdown as a result of this thing. I think what we'll see is that the purpose and intent of Conflicker is to deploy a whole plethora of secondary malware -- spam, Trojans, key loggers, distributed denial-of-service attacks, adware, etcetera, etcetera. Basically, all the things that the criminal can make money with."
Widespread media coverage of the threat may have motivated many individuals and corporations to act, possibly minimizing the potential impact. But just what is that threat? Computer experts acknowledged they don't know for sure. "The biggest question is what is actually going to happen?" said Simit Shah, director of Web operations for CNN.com. So far, the worm "kind of calls home and says, 'What should I do?'" he said. And so far, the response has been to do nothing, he said.
But on Wednesday, the worm is expected to expand its daily call list from a set list of 250 sites to 500 Web sites chosen at random from 50,000, "so it becomes harder to continue using some of the countermeasures that have worked so far," he said. The worm "could end up connecting to one of these sites and say, 'Go do something,'" he said. That "something" could wind up being any of a number of different kinds of attacks on any of a number of Web sites, including government ones, he said. He said the worm already controls more than 10 million computers by some estimates and is very sophisticated. "If someone says, 'I want to try to hack some system and try millions of combinations of Social Security numbers,' they could purchase this computing power to do that," Shah said.
In February, security experts' efforts to fight back got a boost when Microsoft offered a $250,000 reward to anyone who could catch the worm authors. That resulted in the formation of Conficker Cabal, a group of security experts trying to combat the worm. Despite the worm's potential for causing damage, its still-unknown authors have earned "a lot of respect" from the security experts, Shah said. "These guys are doing stuff you don't normally see done," he said. One of the first things it does is to disable a computer's automatic updates, he said. In October, Microsoft released a patch to fix this vulnerability, but many computer users have not updated yet. And, "once you get the worm, it disables your ability to update," Shah said.
Mac users are in luck, since the worm is designed solely to exploit Microsoft software. "A Mac is not impervious to nasties," Pirillo said. "It's just that the tallest nail always gets pounded, and right now Windows is the tallest nail."
I just downloaded Norton so I think I'm good...
And if you don't have any protection, and you're worried...
Here's the link: shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.Trialware_en_US
However fears the Conficker.c worm would cause chaos have so far proved unfounded, with no reports of major problems. "As long as you've patched or at least brought your antivirus software up to speed, you should be fine," said Chris Pirillo, a tech expert for CNN.com. And there are plenty of anti-virus software packages available. "I believe just about everybody out there," Pirillo said, "has a removal tool." Still, the worm could cause problems, he said. Unlike viruses, worms self propagate, spreading by networks. "Once it's out there, it's very difficult to stop," Pirillo said.
He predicted that "the worst possible outcome" would be that some computers would run "suboptimally," as network traffic becomes clogged. And its ability to do that is cleverly designed: Conficker.c has a feature that disables the Windows update program in the Microsoft product, keeping Windows from becoming patched, Pirillo said. It also disables the auto-update capabilities of many anti-virus software programs. Pirillo said it may be a week or more before the true impact of the worm is known, but he predicted it will have one. "It's going to be very annoying to say the least," he said. "It's going to impact network traffic."
Lawrence Baldwin, the chief forensics officer with mynetwatchman.com, an Internet security site based in Atlanta, said the motivations of Conficker.c designers appear to be different from the those who designed previous worms, which infected millions of computers but had little impact. "Three or four or five years ago, they were plainly trying to prove how smart they were," he said. Now, he said, the designers' motivation appears to be financial. "They can make serious amounts of cash with a variety of means." Still, he predicted, any damage will be limited. "I don't suspect that we're going to have any kind of global meltdown as a result of this thing. I think what we'll see is that the purpose and intent of Conflicker is to deploy a whole plethora of secondary malware -- spam, Trojans, key loggers, distributed denial-of-service attacks, adware, etcetera, etcetera. Basically, all the things that the criminal can make money with."
Widespread media coverage of the threat may have motivated many individuals and corporations to act, possibly minimizing the potential impact. But just what is that threat? Computer experts acknowledged they don't know for sure. "The biggest question is what is actually going to happen?" said Simit Shah, director of Web operations for CNN.com. So far, the worm "kind of calls home and says, 'What should I do?'" he said. And so far, the response has been to do nothing, he said.
But on Wednesday, the worm is expected to expand its daily call list from a set list of 250 sites to 500 Web sites chosen at random from 50,000, "so it becomes harder to continue using some of the countermeasures that have worked so far," he said. The worm "could end up connecting to one of these sites and say, 'Go do something,'" he said. That "something" could wind up being any of a number of different kinds of attacks on any of a number of Web sites, including government ones, he said. He said the worm already controls more than 10 million computers by some estimates and is very sophisticated. "If someone says, 'I want to try to hack some system and try millions of combinations of Social Security numbers,' they could purchase this computing power to do that," Shah said.
In February, security experts' efforts to fight back got a boost when Microsoft offered a $250,000 reward to anyone who could catch the worm authors. That resulted in the formation of Conficker Cabal, a group of security experts trying to combat the worm. Despite the worm's potential for causing damage, its still-unknown authors have earned "a lot of respect" from the security experts, Shah said. "These guys are doing stuff you don't normally see done," he said. One of the first things it does is to disable a computer's automatic updates, he said. In October, Microsoft released a patch to fix this vulnerability, but many computer users have not updated yet. And, "once you get the worm, it disables your ability to update," Shah said.
Mac users are in luck, since the worm is designed solely to exploit Microsoft software. "A Mac is not impervious to nasties," Pirillo said. "It's just that the tallest nail always gets pounded, and right now Windows is the tallest nail."
I just downloaded Norton so I think I'm good...
And if you don't have any protection, and you're worried...
Here's the link: shop.symantecstore.com/store/symnahho/en_US/ContentTheme/ThemeID.106300/pbPage.Trialware_en_US
(