Just Google Conficker and you’d be surprise

Countdown to March First is on it’s way or already depending on your location and People have been sending tweets about the 60 Minutes coverage of the Conficker:

conflickermarch

As you can tell over the last week Google trends is showing a mountain of people looking for this information.  I am so glad the media has talked about this but it has mad a hysteria or frenzy of people trying to find information on this little worm or some are calling a virus.

[ad#cricket-right-ez]

Now I must remind you that [intlink id=”2715″ type=”post”]Conficker.a[/intlink], [intlink id=”2754″ type=”post”]Conflicker.B[/intlink], [intlink id=”3214″ type=”post”]Conficker.C[/intlink], and [intlink id=”3236″ type=”post”]Conficker.D[/intlink] are the only worms or viruses out there and that you should really [intlink id=”2205″ type=”page”]protect yourself from every virus[/intlink] because there are more viruses or worms out there than this one.

There are several Free Anti-virus options Available:

  • Clamwin — I’ve been trying this one out over the past month and it seems to work just as good as the others.
  • Avast Home Edition — AVG does better than this one but people seem to like this so I have to add this for people who like this better than the others.
  • AVG Anti-Virus Free Edition 8.5.283 — This is another free one that can remove viruses really easily. Download this and you don’t have to worry to much.
  • Avira Antivirus — This is a free anti virus software that some people like.  I like AVG myself, it’s all user preference on which one you want to use.

As you can tell I have sever options available in my [intlink id=”2205″ type=”page”]Malware Resource page[/intlink] for you to use this is just a few that can be helpful when trying to protect your system.  With Conflicker disabling your windows update and if you have a lot of systems you need to update your patches, I’d go with [intlink id=”2883″ type=”post”]Autopatche[/intlink]r this little program will help install the necessary Windows updates.  You should follow Microsoft advice when you are trying to fix the your system with regards to the Conflicker.    Remember this is not the only computer threat out on the internet but be vigilant with where you go and what you.   You are the last line of defense when it comes to protecting your money, your identity, and you computer.

Although if you have a lot of systems that your are worried has the conflicker worm, Arstechnica released information on easily detecting this worm.  This looks like a positive step in stoping this worm.

Conficker Discussion Part 2 – Even more stuff to talk about

We’ve heard in the[intlink id=”3214″ type=”post”] coming days there will be an update for the Conficker.C Worm[/intlink] and Microsoft has Released even more information about it: For Instance:
[ad#cricket-right-ez]

Win32/Conficker.C is a worm that infects other computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.(was reported to Microsoft on February 20, 2009.)

Win32/Conficker.D is a variant of Win32/Conficker. Conficker.D infects the local computer, terminates services, blocks access to numerous security related Web sites and downloads arbitrary code. Conficker.D can relay command instructions to other Conficker.D infected computers via built-in peer-to-peer (P2P) communication. This variant does not spread to removable drives or shared folders across a network (as with previous variants). Conficker.D is installed by previous variants of Win32/Conficker. (was reported to Microsoft on March 4, 2009.)

As you can tell, this seems to be two different Variants starting to emerge.  Now let’s go a little bit more deeper shall we.  According to US-CERT(United States – Computer Emergency Readiness Team) , They claim that this is Widespread infection and have posted about it on there website TA09-088A.

My one questions is Why is the US getting ready for this Conlicker worm, are they worried that what happened to the Parliament will happen to some branch of the White House.  This seems to be an even more hype building over this worm.  Everyone will tell you the same thing, they are not sure what will happen on April 1, 2009.  I think it will be a normal day and all because with all news about the Conficker worm, the person who wrote this won’t want the light shined on them before they get there foot hold in systems.  So you will most likely not notice anything special on April Fools day due the awareness of the worm.

But don’t forget to update your [intlink id=”2205″ type=”page”]Anti-virus software[/intlink] and also might be time to add a good [intlink id=”2205″ type=”page”]free firewall to help protect yourself[/intlink] from this worm.

What will happen on April 1? Conficker discussion!

I saw that F-secure has posted what a Question and Answer on the Conficker Worm.  I wanted to talk about this a little myself:

Q: I heard something really bad is going to happen on the Internet on April 1st! Will it?
A: No, not really.

Q: Seriously, the Conficker worm is going to do something bad on April 1st, right?
A: The Conficker aka Downadup worm is going to change it’s operation a bit, but that’s unlikely to cause anything visible on April 1st.

[Via F-secure Website]

[ad#cricket-right-ez]I am like everyone else, I really don’t know what will happen it is always going t to be media exposure when it comes to Worms, Viruses, or Trojans.  Virus Writers whoever “THEY” are, will always want to update there infected systems to keep the virus(Also worms, and Trojans) on peoples systems.   This is the way of security firms will always have to predict them, keep up with them, or just follow them.  This will never  change because as virus writers want to find even more ways to infect systems that is the necessity of Anti-virus Software.

I don’t know what will happen on April 1, you most likely will be fine if not you won’t know it until you try to update your system or update your anti-virus software.  One way you can find out if your infected is by trying to serf to security vendors like F-secure, Norton, and Kasperky.  If you Can’t get to those sites then you most likely have a Virus or Worm, and it could be this worm!!

  1. Make the worm harder to detect — This is a common practice they want to be able to hide the worm for as long a possible.  So they will always tweak it to make it that much hard to detect and remove.
  2. Make the Worm easier to infect systems —  This is another common practice, because without having systems there is no need for a Command and Control server.  The worm could do things such as Denial of Service, Or send out spam, or steal sensitive information.  This is the nature of why people make viruses, Trojans, or Worms.
  3. Easily update the virus software — as with any software the virus writers will come up with easier ways of updating the software, because the security will do whatever they can to prevent the update.  This is also the nature of why there will always be updating of the code.  They will put in more ways to keep the virus, worm or Trojan from being blocked.   Like the Conflicker has some Peer to Peer functionality, so if one company blocks the update another way it could get the update is Peer to Peer.  So you can’t block it very easily.

So what will happen April 1?  Who knows it could be a normal day, or it could be the biggest [intlink id=”3208″ type=”post”]April Fools joke[/intlink] ever.  That is why I put that in my last blog post.  With so much Media Frenzy the security firms don’t know what the Worm will do when it updates, all they can do is wait.   So let’s take a deep breath and relax, there’s nothing we can do just yet!!

The April fools Joke, You’ve got a computer worm!

Cluely’s blog talks about this and I thought I would talk about it a little myself!!

[ad#cricket-right-ez]This is the newest version of the Conflicker/Downadup variant of the little worm.  There seems to be people who are worried that April 1, there will be a major wake up in security no holds bar problems.

Some people have got rather confused as to what the April 1st deadline really means. The truth is that Conficker is not set to activate a specific payload on April 1st. Rather, on April 1st Conficker will begin to attempt to contact the 50,000-a-day potential call-home web servers from which it may receive updates.

[Via Graham’s Cluely Blog]

Now let’s talk about this a little, this worm won’t do anything else but ask for updates on April 1, and we don’t know when the virus writers will implement the update it could be a month down the line.  You could[intlink id=”3171″ type=”post” target=”_blank”] Backup[/intlink] your software and use the free program [intlink id=”2883″ type=”post” target=”_blank”]Autopatcher[/intlink] to help make sure your system is completely up to date with windows security.  You can’t forward the to that date to find out what will it call home to.    We don’t know what it will do when they update to the conficker.c program all we know it starts to try to call to certain domains on April 1, 2009.  So you should install [intlink id=”2205″ type=”page”]Anti-virus and Firewalls[/intlink] where you think it is needed.

I am sure though this will be an really big April Fools Joke from the Virus Programmers, they will be laughing at the hysteria of people trying to find out all the important information on April 1, and yet it might not start to happen until much later!!  You are the first line of defense from getting a virus or any malware.  So let’s keep our heads on straight and not go over board!  Only time will tell, and I am sure what happens on Apr 1, 2009 will be a new day.