Conficker??? real or fake

[cabalsun]

Taken from thesun.co.uk

The Windows worm called Conficker could give a hacker unrestricted access to every infected machine on the planet.
And the aggressive bug could be hiding on your PC at home right now, waiting to kick in.
For the hackers, it’s like having a virtual army at their fingertips.
The criminals behind it have the power to launch a tidal wave of junk emails, bringing computers grinding to a halt.
They could also plunder information, including your bank details.
But the truth is that the best techie brains in the business just don’t know exactly what the hackers have in mind.
Infected

Virus expert Mikko Hypponen, from the firm F-Secure, said: “It is scary thinking about how much control a hacker could have over all these computers. They would have access to millions of machines.”
Microsoft, who developed the Windows computer operating system, have slapped a £175,000 bounty on whoever is responsible, so far without success.
The sophisticated Conficker bug — also known as Downadup or Kido — targets systems via the web and can be spread on memory sticks.
More than nine million computers were infected at the bug’s peak last month.
And if Conficker is still on your system come Wednesday, you could be in trouble.
Once inside your PC, it sets up files and starts downloading information from a controlling “boss” server.
Finding that website and the mastermind behind it all is like looking for a needle in a haystack.
That is because the bug creates hundreds of bogus addresses every day to put investigators off the scent.
The infected PCs then form a network and “talk” to each other, updating and evolving.
The bug even attacks anti-virus software and other files on your computer to strengthen its position.
And it resets “restore” points, making recovery of your old system even harder.



The first of three Conficker strains was discovered in November last year.
A second, more aggressive strain followed in December and a third this month. This contains the all-important April 1 trigger.


To avoid infection, Windows users must download a special free update “patch” from the Microsoft website. But that isn’t enough — you also need good anti-virus software too.
Many businesses around the world are thought also to be at risk after failing to update systems.
Graham Cluley, from computer security firm Sophos, warned: “Microsoft did a good job of updating people’s home computers.
“But the virus continues to infect businesses that have ignored the update.”
He also stressed the need for strong passwords on your computer, adding: “If users are using weak passwords — 12345, QWERTY etc — then the virus can crack them.”
F-Secure’s Mikko warned potential problems with Conficker would be highlighted wildly before April 1.
But he said he didn’t foresee an attack, despite the fears and mystery surrounding the problem.
He said: “There’s always hype — just think of previous cases.
“There is not going to be a ‘global virus attack’. We don’t know what they are planning to do, if anything.
“I think the machines that are already infected might do something new on April 1.”
Let’s hope, for everyone’s sake, that it turns out to be an April Fools’ Day hoax.

What M$ have to say about it:
Win32/Conficker.D is a variant of Win32/Conficker. Conficker.D infects the local computer, terminates services and blocks access to numerous Web sites. This variant does not spread to removable drives or shared folders across a network and is installed by previous variants of Win32/Conficker.

Other variants of Win32/Conficker infect computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.


Microsoft also recommends that users ensure that their network passwords are strong to prevent Win32/Conficker variants from spreading via weak administrator passwords.

[Jordan]

How do you feel, do you think it is real or fake?

[John]

I tried to get infected with this virus for a half hour and I couldn't.

[Jordan]

Why (would you want to get infected and why couldn't you)?

[John]

I wanted to test my reverse engineering skills.

[zeroradius]

My vote goes for fake. At least if what the news said was accurate. They say it can infect your computer weather you have EVER connected to the net or not. The only way that is possible is if some one at microsoft made the virus into the OS. So eaither there is a traitor in their midst or this is all a sham.

If it is real however I say bring it, I am Zero the zombie slayer ^_^

[Jordan]

I wanted to test my reverse engineering skills.

Why couldn't you get infected?

My vote goes for fake. At least if what the news said was accurate. They say it can infect your computer weather you have EVER connected to the net or not. The only way that is possible is if some one at microsoft made the virus into the OS. So eaither there is a traitor in their midst or this is all a sham.

If it is real however I say bring it, I am Zero the zombie slayer ^_^

I'm betting the news probably worded it wrong. I've sat and watched a live event happen then listened to the news an hour later. They really are pretty bad at being accurate.

[freeman]

I wouldn't be surprised if the virus existed, but it's strength and computer vulnerability was probably exaggerated by the media

[John]

Why couldn't you get infected?

I think it was because I was using Firefox and not Internet Explorer.

[Pro]

It seems like the news was written up in a very fear mongering way. However Conficker is real, Steve Gibson talked about it in detail on Security Now. Here is a link to the episode if you're interested. hxxp://twit.tv/sn193 (Sorry about the hxxp, I'm unable to post links until I have 10 posts)