
Conficker??? real or fake


  • This topic is locked
17 replies to this topic

#1 cabalsun

cabalsun

    CC Lurker

  • New Member
  • Pip
  • 9 posts

Posted 29 March 2009 - 09:07 PM

Taken from thesun.co.uk

The Windows worm called Conficker could give a hacker unrestricted access to every infected machine on the planet.
And the aggressive bug could be hiding on your PC at home right now, waiting to kick in.
For the hackers, it’s like having a virtual army at their fingertips.
The criminals behind it have the power to launch a tidal wave of junk emails, bringing computers grinding to a halt.
They could also plunder information, including your bank details.
But the truth is that the best techie brains in the business just don’t know exactly what the hackers have in mind.
Infected

Virus expert Mikko Hypponen, from the firm F-Secure, said: “It is scary thinking about how much control a hacker could have over all these computers. They would have access to millions of machines.”
Microsoft, who developed the Windows computer operating system, have slapped a £175,000 bounty on whoever is responsible, so far without success.
The sophisticated Conficker bug — also known as Downadup or Kido — targets systems via the web and can be spread on memory sticks.
More than nine million computers were infected at the bug’s peak last month.
And if Conficker is still on your system come Wednesday, you could be in trouble.
Once inside your PC, it sets up files and starts downloading information from a controlling “boss” server.
Finding that website and the mastermind behind it all is like looking for a needle in a haystack.
That is because the bug creates hundreds of bogus addresses every day to put investigators off the scent.
The infected PCs then form a network and “talk” to each other, updating and evolving.
The bug even attacks anti-virus software and other files on your computer to strengthen its position.
And it resets “restore” points, making recovery of your old system even harder.



The first of three Conficker strains was discovered in November last year.
A second, more aggressive strain followed in December and a third this month. This contains the all-important April 1 trigger.


To avoid infection, Windows users must download a special free update “patch” from the Microsoft website. But that isn’t enough — you also need good anti-virus software too.
Many businesses around the world are thought also to be at risk after failing to update systems.
Graham Cluley, from computer security firm Sophos, warned: “Microsoft did a good job of updating people’s home computers.
“But the virus continues to infect businesses that have ignored the update.”
He also stressed the need for strong passwords on your computer, adding: “If users are using weak passwords — 12345, QWERTY etc — then the virus can crack them.”
F-Secure’s Mikko warned potential problems with Conficker would be highlighted wildly before April 1.
But he said he didn’t foresee an attack, despite the fears and mystery surrounding the problem.
He said: “There’s always hype — just think of previous cases.
“There is not going to be a ‘global virus attack’. We don’t know what they are planning to do, if anything.
“I think the machines that are already infected might do something new on April 1.”
Let’s hope, for everyone’s sake, that it turns out to be an April Fools’ Day hoax.

What M$ have to say about it:
Win32/Conficker.D is a variant of Win32/Conficker. Conficker.D infects the local computer, terminates services and blocks access to numerous Web sites. This variant does not spread to removable drives or shared folders across a network and is installed by previous variants of Win32/Conficker.

Other variants of Win32/Conficker infect computers across a network by exploiting a vulnerability in the Windows Server service (SVCHOST.EXE). If the vulnerability is successfully exploited, it could allow remote code execution when file sharing is enabled. It may also spread via removable drives and weak administrator passwords. It disables several important system services and security products.

Microsoft strongly recommends that users apply the update referred to in Security Bulletin MS08-067 immediately.


Microsoft also recommends that users ensure that their network passwords are strong to prevent Win32/Conficker variants from spreading via weak administrator passwords.
  • 0

#2 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 03 April 2009 - 05:41 PM

How do you feel, do you think it is real or fake?
  • 0

#3 John

John

    CC Mentor

  • Moderator
  • 4450 posts
  • Location:New York, NY

Posted 03 April 2009 - 10:09 PM

I tried to get infected with this virus for a half hour and I couldn't.
  • 0

#4 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 04 April 2009 - 08:26 AM

Why (would you want to get infected and why couldn't you)?
  • 0

#5 John

John

    CC Mentor

  • Moderator
  • 4450 posts
  • Location:New York, NY

Posted 04 April 2009 - 11:38 AM

I wanted to test my reverse engineering skills.
  • 0

#6 zeroradius

zeroradius

    Speaks fluent binary

  • Expert Member
  • PipPipPipPipPipPipPip
  • 1085 posts

Posted 04 April 2009 - 01:41 PM

My vote goes for fake. At least if what the news said was accurate. They say it can infect your computer whether you have EVER connected to the net or not. The only way that is possible is if someone at Microsoft made the virus into the OS. So either there is a traitor in their midst or this is all a sham.

If it is real however I say bring it, I am Zero the zombie slayer ^_^
  • 0

#7 Guest_Jordan_*

Guest_Jordan_*
  • Guest

Posted 04 April 2009 - 06:48 PM

I wanted to test my reverse engineering skills.


Why couldn't you get infected?

My vote goes for fake. At least if what the news said was accurate. They say it can infect your computer whether you have EVER connected to the net or not. The only way that is possible is if someone at Microsoft made the virus into the OS. So either there is a traitor in their midst or this is all a sham.

If it is real however I say bring it, I am Zero the zombie slayer ^_^


I'm betting the news probably worded it wrong. I've sat and watched a live event happen then listened to the news an hour later. They really are pretty bad at being accurate.
  • 0

#8 freeman

freeman

    CC Newcomer

  • Just Joined
  • PipPip
  • 23 posts

Posted 08 April 2009 - 04:44 AM

I wouldn't be surprised if the virus existed, but its strength and computer vulnerability were probably exaggerated by the media.
  • 0

#9 John

John

    CC Mentor

  • Moderator
  • 4450 posts
  • Location:New York, NY

Posted 08 April 2009 - 12:57 PM

Why couldn't you get infected?

I think it was because I was using Firefox and not Internet Explorer.
  • 0

#10 Pro

Pro

    CC Lurker

  • Just Joined
  • Pip
  • 6 posts

Posted 11 June 2009 - 08:02 PM

It seems like the news was written up in a very fear-mongering way. However, Conficker is real; Steve Gibson talked about it in detail on Security Now. Here is a link to the episode if you're interested: hxxp://twit.tv/sn193 (Sorry about the hxxp, I'm unable to post links until I have 10 posts)
  • 0

#11 ReignInChaos

ReignInChaos

    CC Regular

  • Just Joined
  • PipPipPip
  • 44 posts

Posted 12 June 2009 - 05:41 AM

I feel that if a person or group had this almighty power to unleash havoc on the world, why would they want all this commotion about it? Granted, they are being put in the public eye, but if their intent is to cause damage, wouldn't they want to be discreet about it? If you look at it objectively, the media (with the help of a few experts after the hype already took place) blew this up. I am not doubting the virus is real and I'm not saying it's a fake; however, I'm saying that it's not as cracked up as it played out to be.
  • 0

#12 Johnson695

Johnson695

    CC Lurker

  • Just Joined
  • Pip
  • 2 posts

Posted 15 June 2009 - 05:15 PM

Fake. Even if you try, you won't get it, sorry.
  • 0



