Conficker Worm Continues to Baffle the Experts

Posted by: Stephen Wildstrom on April 09, 2009

The Conficker worm, which did not bring the Internet to its knees or do much of anything else on April 1, continues to evolve in ways that have security experts scratching their heads about what may be the ultimate goals of the unknown bad guys behind the malware.

On April 9, both Symantec and Trend Micro issued updates noting new activity. Symantec (no link available) said that the latest modifications to the worm, which it calls W32.Downadup, include instructions to disable itself on May 3. It also says infected machines are contacting high-profile Web sites, but all they are doing is checking the current date and neither uploading nor downloading any data. Symantec researchers say they have discovered a possible link to the spam-spewing bot computers controlled by the W32.Waledac worm.

Trend Micro issued a somewhat more alarmist report, saying it has found indications "that cybercriminals behind the notorious Conficker worm may finally be gearing up for more serious attacks." But the only support Trend Micro gave for the claim was the observation of some increased peer-to-peer communications between infected machines and a system "believed to be hosted in Korea."

There isn't a lot us ordinary folks can do about this slowly unfolding drama. Just make sure to keep your systems patched with the latest Windows updates and run antivirus software that is kept up to date with the newest malware definitions.

Reader Comments

Aquemini

April 10, 2009 12:53 AM

Man, it nice to be a Mac user, lol

paul vail

April 10, 2009 01:01 AM

Or stop buying Windows.

Another idea: have Microsoft offer license amnesty to the millions of infected XP machines (particularly ones NOT in the US) so that they can be patched. Their lousy code got the world into this mess -- maybe they need to get us out. Can you imagine a world without spam? One where trojans and virus issues don't cost us millions in unneeded IT support. Oh, wait... that's a whole economy we can't just shut down, is it? Microsoft -- insuring IT salaries nationwide.

dk.tostring

April 10, 2009 01:21 AM

Man, it's nice to write in complete sentences.

IT

April 10, 2009 01:23 AM

Don't worry Mac users. Your turn is on the way. Have fun.

ELROHANO

April 10, 2009 01:31 AM

And a Linux user! :)

Dar

April 10, 2009 01:35 AM

Seriously ;)

MrPicky

April 10, 2009 01:37 AM


LOL it's nice to be a Linux user too! :-p

I visit Malware sites just for laughs .. with no AV software !!

Ian

April 10, 2009 01:41 AM

Macs are easier to hack. Most hackers don't bother because so few people use them.

BadFan1

April 10, 2009 01:43 AM

Damn you MAC Users! Just kidding. Hey Conficker - What time is it? It is probably written by some korean gang dude that is bored from eating dog.

ManMan

April 10, 2009 01:43 AM

Man, it nice to be illiterate, lol

Billy

April 10, 2009 01:46 AM

Yeah, I'm on a Mac, and I haven't used virus software of any kind for close to 5 years.

Rando

April 10, 2009 02:12 AM

May 3rd, 1978 was the day the first email messages to later become known as "spam" were sent out. Cue Twilight-Zone music...

poopman

April 10, 2009 02:15 AM

yeah, because it would be awful to have a virus that checks the date and ultimately disables itself...

Bill Simpson

April 10, 2009 02:32 AM

Osama is sitting in some palatial house surrounded by agents of Pakistan's intelligence service typing out Conficker code like crazy.

Slackware

April 10, 2009 02:36 AM

Use Linux instead, No Fear for the Conficker worm.

rightonbrother

April 10, 2009 02:36 AM

So true. My mac has no problems with any worms or viruses ever. It is my perfect pal. I am in love...

Luddite

April 10, 2009 02:37 AM

Will this virus affect my Commodore 64?

John

April 10, 2009 02:39 AM

Does that Mac come with a grammar check, Cheech?

hutch

April 10, 2009 02:43 AM

even nicer to be a linux user :)

jb

April 10, 2009 02:48 AM

Nice to be a Mac user but too bad they can't put a sentence together.

DataMatt

April 10, 2009 02:51 AM

The only reason Macs are a bit safer is because their market share sucks more!

OSource

April 10, 2009 02:54 AM

It's nice to not be a targeted OS. Since it's just Windows being targeted primarily, you know they are more common. Anyone running Linux, any form of BSD (for the most part), or any other modern OS other than Windows is probably safe within reason. No OS is truly secure; even Mac was beat down in the pwn2own contest.

duh

April 10, 2009 03:04 AM

Aquemini, you are a f#@kwit.

Mr. Cool

April 10, 2009 03:09 AM

Nobody's fooled...We all know that it is the anti-virus companies that are making these worms and viruses. Then they create a whole bunch of media hype and tell everyone to go out and buy the latest anti-virus to protect themselves from the latest media inflated cyber-smyber. Capitalism at its best!

Aquenot

April 10, 2009 03:10 AM

Aquemini you would never know if someone was stealing your identity because you foolishly think your holy mac isn't full of a plethora of gaping holes as it is. One day someone will waste their time and write a worm that will take down all the macs just for the sake of shutting losers like you up, because your machine will not have any malware protection or exploits patched in time, because you live in a fantasy tv ad world.
I have never had an infection on any PC. This worm is only infecting people who don't take security seriously, people like you. "lol"

mrinvader

April 10, 2009 03:21 AM

Or a Linux/UNIX user XD hehe winders... hehehe

Dont CELEBRATE YET

April 10, 2009 03:22 AM

As soon as MACs claim a substantial market share, they will be a target too. At the moment though, they don't exist.

don't start with it

April 10, 2009 03:24 AM

Don't get people started about mac virus immunity...it is dangerous to think that you don't have to worry about malicious software just because your personal computer runs OSX.

I wonder what the article means by "Korea" (north or south makes a big difference)

mike

April 10, 2009 03:24 AM

yup! linux here...but i share your sentiment.

check-your-facts

April 10, 2009 03:27 AM

Enough. It is a myth MACs can't get a virus. Search on "mac virus list" and check the results

jeff

April 10, 2009 03:28 AM

ubuntu, ftw

Bishop

April 10, 2009 03:39 AM

I'm a Mac user too. But please, whoever you are, don't act so happy! All this really does is make M.S. users annoyed with us. There is a cultural side to computers too, you know.

Andres

April 10, 2009 03:41 AM

I have always used Windows and don't understand how people can be so careless. I've never gotten infected because I don't go downloading something I'm not sure about or downloading email attachments from people I don't know. And I don't even have anti-virus software installed. These people either need to get a Mac or a Linux (Ubuntu) to protect them from themselves. Sheesh.

Radar

April 10, 2009 03:42 AM

The only goal of the "cybercriminals" was to cause mass hysteria. Again. Dismissed.

John

April 10, 2009 03:43 AM

Nice to be a Linux user.

RX13

April 10, 2009 04:16 AM

@Aquemini; For the time being yes, but the only reason Mac isn't under attack at the same rate is based on the ratio of users. Most experienced programmers lean towards Linux for its malleability, and it just makes more sense to attack a broader base of users. That being PC, and not Mac.

Don't feel so safe that you let your guard down. Mac safety is just a matter of time and aim.

Nate

April 10, 2009 04:17 AM

Yep!!

really am bob

April 10, 2009 04:31 AM

w00t!

Ed

April 10, 2009 04:32 AM

M$ should make updates mandatory since windows will always suck.

Schratboy

April 10, 2009 04:38 AM

The anti-virus guys are always alarmist. It's part of their DNA to spread F.U.D. (Fear, uncertainty and doubt) and tout that only 'they' have the proper solution.

Dreamer

April 10, 2009 04:41 AM

Or install Linux... *doesn't understand why people use Windows*... it's really rubbish, lol..

wogga wogga

April 10, 2009 04:44 AM

Wogga mogga kalogga flogga

gfblount

April 10, 2009 04:47 AM

It's even better to be a linux user

Anonymous

April 10, 2009 04:49 AM

Enjoy your overpriced homosexual computer.

Aquemax

April 10, 2009 05:09 AM

Macs suck!

ray

April 10, 2009 05:16 AM

If you weren't brainwashed by Steve Jobs' great marketing campaign and didn't just buy a Mac because it is in style and "the cool" thing to do, you would know that Macs have their own share of problems and aren't perfect. My guess is you're between 20 and 30 years old, got a decent job or rich parents and bought a Mac because you think it expresses your individuality.

ray

April 10, 2009 05:16 AM

If you weren't brainwashed by Steve Jobs' great marketing campaign and didn't just buy a Mac because it is in style and "the cool" thing to do, you would know that Macs have their own share of problems and aren't perfect. My guess is you're between 20 and 30 years old, got a decent job or rich parents and bought a Mac because you think it expresses your individuality. LOL

jeezy

April 10, 2009 05:19 AM

Hey!! I can drink coffee and sit at Starbucks with my IMAC and pretend that I'm immune to all viruses and malware because I use a MAC! get real.... LOL

Thomas W

April 10, 2009 05:30 AM

Always nice to pay more, for a false sense of security. Have a nice day :-)

lancest

April 10, 2009 05:38 AM

It's even nicer running the most secure OS on the planet- Linux. Rock on Ubuntu!

Renegade

April 10, 2009 05:38 AM

Trend micro and symantec uh.

scott

April 10, 2009 05:38 AM

ugh. macs get viruses too. wake up.

thufir

April 10, 2009 05:42 AM

err, there's something you can do: don't use windows.

fusioncon

April 10, 2009 05:53 AM

mac, pc, whatever, it's not going to make much difference what platform you are using when your favorite web sites are getting DDOS'd or your credit cards are stolen.

I hate mac users

April 10, 2009 05:55 AM

Get a real screen name and stop biting outkast titles.

eaziduzit

April 10, 2009 05:56 AM

mac user = illiterate

d3viant

April 10, 2009 06:15 AM

Oh get over yourself, Aquemini. Don't bother opening up that old chestnut again.

nate

April 10, 2009 06:29 AM

That statement is like looking at all the car accidents in the world and saying, man I am glad I walk everywhere.... Macs are not as secure as their marketing would lead you to believe. the more popular they become the more you will encounter malware for them.

Birra

April 10, 2009 06:29 AM

Yes, I remember well virus scanners, defragging, registry cleanup. That was two years ago, now none of those MS Tax problems since I got my Mac

For those who don't understand, Macs are not only inherently more secure, but you don't have to run as an administrator to get something done. If anything ever tries to install itself on your machine, it has to ask you for the admin password and it even tells you the install is coming from the internet.

Bob

April 10, 2009 11:41 AM

Mac... LOL.

Dave

April 10, 2009 12:41 PM

Man I created my own OS called Dave OS. I've never had a virus. Sure it can't play every video game that windows can but I can make up my own commands that are really geeky and impossible for anyone else to decipher or use to my heart's content!

Still trying to get Nvidia and ATI to more fully support my OS so I can use it for things that are enjoyable, but at least I never get viruses!

Take that Conficker!

OlySoft-Dave

April 10, 2009 08:07 PM

What the hell kind of defeatist statement is this:
>There isn't a lot us ordinary folks can do about this slowly unfolding drama.

Stop using an operating system specifically designed to allow the system to override the user's commands. DRM, WGA, etc., and use an operating system designed to simply run the computer the way the user wants. GNU/Linux. I recommend an Ubuntu distribution for many reasons, but there are others that may tickle someone's fancy.

OS-X is decent too because it's basically built from code taken from BSD. Legally because of the BSD license, but still taken and changed. It is no longer open and no one can vouch for its current state of security as a result.

But the last thing people that currently use Windows need to do is become complacent and just accept the crap being shoved down their throats.

ABCVIRUS

April 10, 2009 09:19 PM

ALL of you are not true IT people...

So unless someone decides to create a magical software to delete the Conficker scripts and files, we're all sitting ducks - the viral creator could just make a new variant to infect all types of computers and disable all anti-softwares. That would be doomsday, for the whole internet. (bad thing to say but it is the truth.)

Felix

April 11, 2009 06:16 AM

Mac or PC is not a question of anything but culture.

One is 'being jealous', the other is 'being content'.

OlySoft-Dave

April 11, 2009 10:37 AM

Actually I am a 'true' IT professional, ABCVIRUS. It sounds like a few of the other folks who posted above me are also; if not involved in IT, they are at least better informed than you are.

Conficker is not a script, it is a carefully written segment of machine code that exploits a specific vulnerability in every default installation of Windows.

This is important to understand because it means there can be no 'doomsday' virus that will take out all types of computers simply because all computers do not have the same vulnerability. GNU/Linux for example is Free Software that can be peer reviewed any time to audit its security.

The guys in the black hats can also get its code and scrutinize it, that is a common argument, but as long as the guys in the white hats can do the same and can effect real changes in the code-base then GNU/Linux will always be more secure than any closed source alternative.

The NSA has already done this and the result is something called SELINUX. Basically it is a normal Linux kernel that observes certain rules while it operates. The Linux kernel is a very secure animal by default but with SELINUX mode turned on, it's nearly impregnable even from the user.

What people need to focus on is not that there was a patch for this vulnerability a few months before Conficker hit, but that this enormous hole has been in Windows since day 1. Without the kind of peer review that Free Software like GNU/Linux gets routinely, security will always be lacking. No matter what kind of resources Microsoft throws at the problem.

And, much more than 70% of the webservers, not to mention the ATMs that form the backbone, run some variant of GNU/Linux, or UNIX. Don't worry about them going down.

anjilslaire

April 11, 2009 12:33 PM

"ALL of you are not true IT people..."

uh, what? You need to educate yourself. An exe or dll is *not* going to infect a Linux system. And even if it did, it would only be in userspace. The solution to that would simply be to delete the user's /home/ directory and log in again.

That being said, I'm going to see if I can get my Wine installation affected ;) Should be interesting...

About

BusinessWeek writers Peter Burrows, Cliff Edwards, Olga Kharif, Aaron Ricadela, Douglas MacMillan, and Spencer Ante dig behind the headlines to analyze what’s really happening throughout the world of technology. One of the first mainstream media tech blogs, Tech Beat covers everything from tech bellwethers like Apple, Google, and Intel and emerging new leaders such as Facebook to new technologies, trends, and controversies.
