Category: Virus

Conficker maps of US!

Paul

conficker_us_map

The Conficker Work Group has been busy the last few days compiling data of where the [intlink id=”3240″ type=”post”]Conficker Worm[/intlink] is in the world.  I am just showing one of the many pictures they have compiled.

[ad#cricket-right-ez]

Now I must say this isn’t entirely accurate, but it gives a good impression of how many computers in the US have been infected and still need to be removed.   Giving that most of these are business that haven’t updated there Windows Machines, this isn’t surprising.  So I am guessing that if this map is close to what we expected, some of the companies didn’t do anything about[intlink id=”3214″ type=”post”] Conifcker during the hype[/intlink].

That being said, I would like people to answer this question?  Has any technicians had to disinfect systems that had the conficker worm?  Are you seeing a rise in repairs, in regards to conficker related problems?

I was look around there website, the Conficker Work Group, and I stumbled on a really good resource.  It is called Conficker Eye Chart.  If certain images don’t load then you might be infected.   If you want to find out if your infected go check the chart out for yourself.

The Group also has a great list of tools to remove the Conficker Worm.    Although, I have been saying for the past week that the best way to prevent from getting infected is having [intlink id=”2205″ type=”page”]Anti-virus, and Firewalls[/intlink].  You will also need to remember that only you can prevent from getting a computer virus or worm, you’re the last line of defense!!

Mac Users aren’t Immune, so stop broadcasting “You’re glad you have a MAC”

Paul

With the Conficker going on right now, I am seeing more and more Tweets about Mactwitconficker and

twitconficker

[ad#cricket-right-ez]

Now I might not know a lot but this type of Smug confidence will be the downfall of the Mac’s in the coming years.  I have to ask do you not expect to get a virus at ALL?    You see when a company like Apple starts to get above a certain degree in the eyes of the hackers.  They will become a target, not a big target but a target.

In one of my post I talk about [intlink id=”2173″ type=”post”]Mac’s and Botnet[/intlink], you should really read it.  It talks about why Apple will become the next fail whale.    Some other Articles to Consider are:

And So I went into Google to see the trends for “Mac Virus” and Here is what I seen:

Mac Virus Google Trend

As you can tell Mac’s Virus and Maleware are on the rise.  This doesn’t mean you have to worry about the Conficker worm, but you have to Worry.  Most Apple Users are over confident that they will never get a virus or maleware on there system to the point that they will install it because they think they won’t get it.   I’ve seen in the past where Mac users are [intlink id=”2801″ type=”post”]download programs illegally[/intlink] just because they think they are not going to a Virus or Maleware.

It just gets me going when I constantly see people post about how they have a Mac.  I guess that Mac Ads are working but soon very soon they will change.    Although the mentality of the Mac not getting a virus is so god like that one day something like the Conficker worm will hit Mac’s exclusively because of the attitude of users.  Should Mac’s get anti-virus software, has been asked so many times in the past months that it makes me wonder.  Who has made this happen in the first place?  I’d have to point to Apple.  I don’t agree with there MAC Tax when it comes to buying a computer and will never pay for a mac.  So the next time I see people broadcasting they are glad they have a mac, I’ll just have to send them to this page!!  No Operating system is 100% secure or safe, even Linux systems can have viruses.

Just Google Conficker and you’d be surprise

Paul

Countdown to March First is on it’s way or already depending on your location and People have been sending tweets about the 60 Minutes coverage of the Conficker:

conflickermarch

As you can tell over the last week Google trends is showing a mountain of people looking for this information.  I am so glad the media has talked about this but it has mad a hysteria or frenzy of people trying to find information on this little worm or some are calling a virus.

[ad#cricket-right-ez]

Now I must remind you that [intlink id=”2715″ type=”post”]Conficker.a[/intlink], [intlink id=”2754″ type=”post”]Conflicker.B[/intlink], [intlink id=”3214″ type=”post”]Conficker.C[/intlink], and [intlink id=”3236″ type=”post”]Conficker.D[/intlink] are the only worms or viruses out there and that you should really [intlink id=”2205″ type=”page”]protect yourself from every virus[/intlink] because there are more viruses or worms out there than this one.

There are several Free Anti-virus options Available:

  • Clamwin — I’ve been trying this one out over the past month and it seems to work just as good as the others.

  • Avast Home Edition — AVG does better than this one but people seem to like this so I have to add this for people who like this better than the others.

  • AVG Anti-Virus Free Edition 8.5.283 — This is another free one that can remove viruses really easily. Download this and you don’t have to worry to much.

  • Avira Antivirus — This is a free anti virus software that some people like.  I like AVG myself, it’s all user preference on which one you want to use.

As you can tell I have sever options available in my [intlink id=”2205″ type=”page”]Malware Resource page[/intlink] for you to use this is just a few that can be helpful when trying to protect your system.  With Conflicker disabling your windows update and if you have a lot of systems you need to update your patches, I’d go with [intlink id=”2883″ type=”post”]Autopatche[/intlink]r this little program will help install the necessary Windows updates.  You should follow Microsoft advice when you are trying to fix the your system with regards to the Conflicker.    Remember this is not the only computer threat out on the internet but be vigilant with where you go and what you.   You are the last line of defense when it comes to protecting your money, your identity, and you computer.

Although if you have a lot of systems that your are worried has the conflicker worm, Arstechnica released information on easily detecting this worm.  This looks like a positive step in stoping this worm.

Hotmail accounts get compromised!!

Paul8 Replies

I received an email on a list and wanted to warn people:
[ad]

Dear friend,
i would like to introduce a good company who trades mainly in electornic products. Now the company is under sales promotion, all the products are sold nearly at its cost. They provide the best service to customers,they provide you with original products of good quality,and what is more,the price is a surprising happiness to you! It is realy a good chance for shopping.just grasp the opportunity,Now or never!
The web address: http://www.nekcn.com

Seems this is being sent from Hotmail accounts. There are a number of ways someone could be getting a hold of your email address. According to Microsoft forums this seems to delete your email contacts and also send out this in the same time. This seems to be a new spam campaign for this one company. I would guess someone bought advertising from this company and the advertiser is doing some really unmoral things.

There are several ways someone hotmail account could be sending out these emails. It could be a [intlink id=”2650″ type=”post”]phishing attempt like they did with Twitte[/intlink]r. They could of done a dictionary attack on each account to find the password, that I why [intlink id=”2646″ type=”post”]I suggest having a password generator[/intlink]. It could of been a virus, and if that is the case you would need to [intlink id=”2205″ type=”page”]check your system out for the virus[/intlink]. I would guess it is the first two, because I am unsure of if you can have pop3 account or not. I don’t use Hotmail but people seem to be using it.

If you recieve this email, I’d email the account responsible to let them know that they have sent this.  I would also like to know if it was a virus or how they account got compromised.   Remember only you can prevent from getting a virus, nothing else works better than yourself.

What will happen on April 1? Conficker discussion!

Paul

I saw that F-secure has posted what a Question and Answer on the Conficker Worm.  I wanted to talk about this a little myself:

Q: I heard something really bad is going to happen on the Internet on April 1st! Will it?
A: No, not really.

Q: Seriously, the Conficker worm is going to do something bad on April 1st, right?
A: The Conficker aka Downadup worm is going to change it’s operation a bit, but that’s unlikely to cause anything visible on April 1st.

[Via F-secure Website]

[ad#cricket-right-ez]I am like everyone else, I really don’t know what will happen it is always going t to be media exposure when it comes to Worms, Viruses, or Trojans.  Virus Writers whoever “THEY” are, will always want to update there infected systems to keep the virus(Also worms, and Trojans) on peoples systems.   This is the way of security firms will always have to predict them, keep up with them, or just follow them.  This will never  change because as virus writers want to find even more ways to infect systems that is the necessity of Anti-virus Software.

I don’t know what will happen on April 1, you most likely will be fine if not you won’t know it until you try to update your system or update your anti-virus software.  One way you can find out if your infected is by trying to serf to security vendors like F-secure, Norton, and Kasperky.  If you Can’t get to those sites then you most likely have a Virus or Worm, and it could be this worm!!

  1. Make the worm harder to detect — This is a common practice they want to be able to hide the worm for as long a possible.  So they will always tweak it to make it that much hard to detect and remove.

  2. Make the Worm easier to infect systems —  This is another common practice, because without having systems there is no need for a Command and Control server.  The worm could do things such as Denial of Service, Or send out spam, or steal sensitive information.  This is the nature of why people make viruses, Trojans, or Worms.

  3. Easily update the virus software — as with any software the virus writers will come up with easier ways of updating the software, because the security will do whatever they can to prevent the update.  This is also the nature of why there will always be updating of the code.  They will put in more ways to keep the virus, worm or Trojan from being blocked.   Like the Conflicker has some Peer to Peer functionality, so if one company blocks the update another way it could get the update is Peer to Peer.  So you can’t block it very easily.

So what will happen April 1?  Who knows it could be a normal day, or it could be the biggest [intlink id=”3208″ type=”post”]April Fools joke[/intlink] ever.  That is why I put that in my last blog post.  With so much Media Frenzy the security firms don’t know what the Worm will do when it updates, all they can do is wait.   So let’s take a deep breath and relax, there’s nothing we can do just yet!!