Thursday, 26 March 2009


The Conficker virus story is getting very interesting:

There's been lots of hype about the fact that the latest variant of the Conficker worm is set to start communicating with other computers on the Internet on April 1--like an April Fool's Day time bomb with some mysterious payload.

But security researchers say the reality is probably going to be more like what happened when the clocks on the world's computers turned to January 1, 2000, if that.

"It doesn't mean we're going to see some large cyber event on April 1," Dean Turner, director of the global intelligence network at Symantec Security Response, said on Wednesday.


"Most of these criminals, even though they haven't done something with this botnet yet, are profit-driven," said Paul Ferguson, an advanced-threats researcher for Trend Micro. "They don't want to bring down the infrastructure. That would not allow them to continue carrying out their scams."

Translation. There's a powerful worm out there that is set to go off in an unknown way April 1st. It likely won't destroy your computer, its likely to be used to scam you out of money.

(snark) Yay, that option is so much better. (/snark)

What is being done to fight Conficker?
Microsoft has partnered with all the major security companies and domain registrars and registries to form the Conficker Coalition Working Group. The parties are collaborating on research, trying to put the pieces of the puzzle together and figure out who is behind the worm and how to stop it. They are using techniques like behavioral analysis of the code and reverse engineering, but researchers don't want to reveal too much information on their efforts. "We have made headway but I'm hesitant to talk about how far we've gotten," Turner said.

Told you this thing was smart. In 6 days we'll find out how smart.

No comments: