How the Conficker Problem Just Got Much Worse

How the Conficker Problem Just Got Much Worse

i.gizmodo.com

In the first minute of April 1, Conficker did exactly what everyone knew it was going to do: It successfully phoned home for an update. And while it was fun to imagine what nasty payload that update may have included (it was fun, wasn't it?), the result was not outwardly catastrophic; rather than a blueprint for world domination, the update contained instructions on how to dig in even deeper.

(visit the link for the full news article)




[edit: title to same as source]
Headline: Please use the original story headline from your source.

[edit on 4-4-2009 by 12m8keall2c]

Its weird how people are giving all of the attention in the world to pointless topics about some dude who can create portals or something weird like that... but the real important things get overlooked.

For those of you who don't know about it, let me introduce you to possibly the last thing you may ever know about the Internet; The Conficker Virus.

Don't just roll your eyes and say "oh man... another worm"... because this worm actually has the capability to destroy the Internet as we know it overnight. The Conficker virus is not your conventional virus. Its a megaworm designed to attack specifically the Microsoft Windows Operating System. It infiltrates your computer, blocks your virus software from retrieving updates, blocks you from accessing web pages such as Microsoft's Update page which pretty much makes it impossible for you to remove the virus.

Some other symptoms include but are not limited to:
account lockout/ policies being reset
domain controllers responding slowly to client requests
congestion of local area networks.


Once on your computer, the worm then starts its real dirty work. It attacks the node your Internet service is based out of infecting every computer that is also connected to that particular node. The virus then spreads through every means possible. Have a thumb drive? the second you plug it into an infected computer the virus attaches itself to the thumb drive and whatever doomed computer you plug that thumb drive into afterwards is now infected along with the entire network that particular computer is connected to as well... and this is all done silently.

The scary part of this virus is once its in... It sends for update information on its own... meaning that the millions of computers affected world wide by this virus are under the control of a single commander. He hasn't yet, but when the person behind the creation of this virus feels the need to absolutely devastate the Internet, all he has to do is send out the order and he will bring millions of computers to his mercy.

so you're thinking... how has this person not been caught yet? Microsoft has a 250,000 dollar bounty on the creaters head who is suspected to be based in china somewhere.

"What the April 1 update did was simple: It provided instructions for linking up with the thousands, perhaps tens of thousands of new nodes registered by Conficker.c over the last few weeks, effectively growing the size of the p2p botnet to a point where it can not be stopped."

for more info please see the gizmodo news article.

some information about this virus:
en.wikipedia.org...

how to tell if you're infected:
www.confickerworkinggroup.org...

more information:
www.f-secure.com...

People... this is far more than just an April fools joke now... this is real and the entire Internet is at stake.


i.gizmodo.com
(visit the link for the full news article)

[edit on 4-4-2009 by Anomen]

more good reason to buy and use a Mac!

Let me just point out that this worm in NO way has the teeth necessary to kill the internet like some are suggesting, when it gets updated to attack BGP and DNS then perhaps I will have to eat my hat but I suspect the motives of the authors leans more towards financial gain than the 'max lulz' of shutting down even a portion of the internet.

reply to post by prjct


You know how much of the Internet is windows based? if this virus does take down the windows based operating systems... you're not going to be able to do very much even if you do have a mac. At least for a while until people change their servers.

reply to post by Helig


I beg to differ. I don't think the creater is after any financial gain at all... if he wanted that all he had to do was hack a few computers and rob a few bank accounts. No... this is definitely designed for a more sinister purpose.

edit: and to further argue... it has already updated so it definitely has the teeth to continue as it pleases. Just what will happen in the next update is the big mystery.

[edit on 4-4-2009 by Anomen]

Just a though, but what a great way to cut us off from information in the time of need.
Plant the worm, have it check back for instructions and wait until something happens globaly, then activate it...
a majority of the people would be left with MSM and we all know who controls what they cover.

Ok , it just struck me as odd with everything going on , yea i know far fetched thinking..

most computers that keep the internet alive run on OSs other than windows. so as far as that goes, i think we're good. Unfortunately there are a ton of people that run a windows machine and have no idea what's going on inside of it. Some might wake up one day and find $0 in their bank statement and a dead PC but that's only a small scratch on the surface, the possibilities of this worm is pretty big.

my 1 cent.
tough times to be giving out 2, jeez..

I don't think this is too far off topic, but I smell that "iPatriot Act" rumor getting ready to come to fruition.

If what they are saying about this Conflicker worm is true then it could possibly be a black op. I think people are wrong in their motives of what this worm is supposed to do. If it did originate from China, my guess is that they are going after the banking system.

Most ATM's, are windows based and they are all connected to a network, imagine the havoc that would cause if the ATM's either went down, or something more sinister such as instead of the cash getting spit out at you after you make a transaction the money goes away, its deducted from your account, but you have no money in your hand.

It seems that nobody knows exactly what this worm will do, but I suspect that the motive it is after is to enable China to become the new World Reserve currency and/or a black op so the gov can implement internet censorship.

It doesn't make much sense to destroy the internet because then the person/people that wrote it will lose their control. Who knows, but there are more practical and reasonable application of this and I highly doubt one of those applications is to destroy the internet.

[edit on 4-4-2009 by Hastobemoretolife]

Neat thread -- I don't know if you're good at fear mongering, or other people are just understating the threat

"It's not about ownage, it's about continued ownage," says Kaminsky, citing a favorite quotation of one of his hacker buddies.

I think that pretty much sums it up, right there.

I've read about these botnets before -- how malicious software engineers make these worms/viruses for the exclusive purpose of controlling thousands of computers, and thus their bandwidth. Conflicker is not an original idea, rather, it's just a very successful adaptation of an old trick: Control as many PC's as you can, link them together under one roof, then use them for denial of service attacks. Of course, who knows what Conflicker's owner will use the worm for -- could be for DoS attacks, but somehow I think something of this sophistication has a more sinister purpose.

Only time will tell

Originally posted by Anomen


Don't just roll your eyes and say "oh man... another worm"... because this worm actually has the capability to destroy the Internet as we know it overnight. The Conficker virus is not your conventional virus. Its a megaworm designed to attack specifically the Microsoft Windows Operating System. It infiltrates your computer, blocks your virus software from retrieving updates, blocks you from accessing web pages such as Microsoft's Update page which pretty much makes it impossible for you to remove the virus.

Another worm.

This will affect those internet toobers who rely on Windoze firewall and don't know how to tourn on their automatic updates.

I highly doubt it'll crash the net, to say the least. Though I have little love for most ISP's busines practices, i am nonetheless confident they can handle this latest doomsday worm.

reply to post by jaden_x


I completely agree. I know recently a lot of people have definitely been looking into OSs other than Windows... and Mac has been getting more common. I just hope that its enough to keep the net alive. The Windows/pc route is much cheaper when dealing with servers for up and coming companies (at least to my knowledge)... so we'll see what happens.

IMHO it is a bit far fetched to think only one person created this. It is far to complicated and genius to have been thought out by just one single person...

I do believe it is not such a strech of the imagination to think that when the SHTF internet will be down for most of the population and thus our only reliable source of information.

Come to think of it.....i know a lot of goverments who would be pretty happy with a tool like this!! Wouldn't surpise me if this thing eventually originated from somewere in Washington. It could ofcourse be China doing this but what could be their gain by cutting of the population of a country when you know goverment won't be effected??

Sorry for the bad spelling, just my two cents....

Peace

Has anyone considered the possibility that this "super virus" is nothing but a red herring, put out to make people update their anti-virus software? That may sound like a leap, but consider this scenario.

The government, fearing the spread of free information and the consequences of it, decides they want to put a clamp on the internet. They could hardly come out and announce this intention, and anti-virus software might actually hinder them. So, naturally, they start bundling their software with anti-virus companies. However, they need people to update their older software in order to spread it as far as they can. How would they do this?

By launching a "super virus" that'll scare the average user into updating, or even getting for the first time, their anti-virus programs. They update, the update contains a bit of ugly coding courtesy of our friends at the NSA, and operation Magic Lantern enters full swing.

Just a small consideration on my part, thats all.

www.huffingtonpost.com...

Lol just thought I'd throw this in here.

Top Rising Google Search Terms, March 28-April 3, 2009 Percentages indicate growth in search volume as compared to the previous seven days
1. conficker virus +2900%
2. april fools jokes +2850%
3. conficker +1500%
4. conficker worm +1450%
5. microsoft.com +550%
6. earth hour +500%
7. microsoft updates +400%
8. mcafee +250%
9. monsters vs aliens +180%
10. windows update +130%

I personally like the monsters vs aliens. :]

@ TheDustman

I have little doubt that this bug has nothing to do with updating anti-virus because most of the folks who get hit with things like this probably don't even know how to install anti-virus software let alone maintain and update their operating systems. By and large the prey of virus writers and their ilk are the lowest common denominator, the soccer mom who is so afraid of her computer that she has to ask her 7 year old son to turn it on and off for her.

---

.i know a lot of governments who would be pretty happy with a tool like this!!

I can almost assure you that most governments and especially the United States Government have no desire to kill the internet overnight for any of the myriad of imagined reasons you will no doubt see in this thread. If the internet ceased to function in say the US then you can count so many businesses as down for the count because their DC, NYC and LA offices suddenly lost their VPN links. Think the stock market has dropped in the past few years much, it would rocket downward so fast you wouldn't have time to evacuate your lunch.

Government get their money from taxes, if the people aren't making money then they aren't paying taxes and thus some suit on the hill goes without his expensive meals and even more expensive hookers; in short if we sink they sink and vice versa.

you know... now that I'm thinking about it. I wouldn't be surprised if this whole thing wasn't a plan to destroy Microsofts reputation once and for all.

The main effect I think we're going to see of this is a whole lot of ex windows users now turned mac user because of this virus.

[edit on 4-4-2009 by Anomen]

For all windows users ...

[atsimg]http://files.abovetopsecret.com/images/member/202ead57aa03.jpeg[/atsimg]



On a serious note, I wouldn't feel to comfy my fellow mac users, if OS X was the predominant operating system the same thing would be happening to macs.

Oh and out of courtesy please do a virus scan on your macs. Though OS X is immune to conflicker we can still pass it along to our Windows brethren.

reply to post by Helig


I agree with your post. What I was saying is that I think there is a chance that this is all a red herring. That instead of using the virus itself, which could be found and dealt with, that someone up high is using the 'updates' made specifically for this virus to actually penetrate peoples systems. Not as a way ot killing the internet, but to keep an eye on the people using it. This would affect people who regularly update their software and keep on the ball about this sort of thing, not just the bottom rung users like you mentioned.

reply to post by Anomen


I highly doubt this worm will drive any substantial numbers into the arms of alternative operating systems, and specifically mac due to the high costs of even their low-end systems. Price has long been Apple's downfall because I can obtain a non-mac system of equal capability hardware for roughly 1/2 the price.