Wednesday, 1 April 2009


The creators of Conficker made a wise choice picking April 1st. On 570 news this morning, they kept repeating that Conficker was either Armageddon or an April Fool's joke. This upset me to no end, as their news article was completely false.

So I sent them an e-mail:

Please stop referring to Conficker as a "April Fools" joke. You did a massive disservice to your listeners on this morning's news implying it could be just a prank.

It is not, it is real. It's as real as a computer threat can be. Do people need to panic? Absolutely not. They just need to be informed on what to do to protect themselves, or to clean it up if infected.

Conficker may not go off today. But that does not mean the threat has ended. Conficker was coded to retrieve new instructions today. What those instructions are, are unknown.

And that's the danger of this program. It self mutates and updates itself with new code.

Today it could do nothing.

Next week it could pop up an ad trying to get money from you.

Next month it could format your hard drive.

This is a really good summary

Despite the uneventful passing of the activation deadline, the threat presented by Conficker remains real.

"These guys are very sophisticated, very professional, very determined and very measured in how they implement and make changes to things," Ferguson said, adding that Conficker.c is better defended and more survivable than previous versions of the worm. "This activation on April 1 was probably just arbitrary and picked to cause hysteria."

At some point, the people behind Conficker.c could try to generate revenue from the botnet they've created or they could have other intentions.

"The big mystery is that there's this big loaded gun out there, this network of millions of machines that's under the control of persons unknown," Ferguson said. "They've given no indication of what their motives are other than toying with people."

Inform yourself, inform your listeners.

No comments: