The computer worm known as Conficker woke up as expected this morning when calendars flipped to April 1, but fears that millions of infected computers would launch an attack on the world’s cyber-infrastructure have so far proved to be unfounded. Computer security experts have been warning the public for weeks that the Conficker worm was set to try to download commands from a server at an unknown Internet location on [April 1]. There was no certainty about the intent of the program, which could be used to send e-mail spam, distribute malicious software or generate a potentially devastating “denial of service” attack on Web sites or networks [The New York Times].
The worm is thought to have infected 12 million computers worldwide, with the most infections occurring in Asia. But computer experts monitoring the progress of the worm say that while infected computers do appear to be trying to link to control servers, the mysterious hackers behind the virus have yet to give those computers any specific instructions. However, security experts warned that there was no room for complacency…. “We believe the software is geared towards making money. The characteristic of this type of worm is to keep it slow and low, keep it under the radar to slowly maximise profits over the long term” [BBC News], says Vincent Weafer, of the anti-virus firm Symantec.
Conficker preys upon a vulnerability in Microsoft Windows that was patched in October, although the worm does take a number of actions to try and shut down antivirus programs and prevent them from updating. The Apple Macintosh OS X operating system is completely immune [PC World]. But the worm can be easily detected and removed by users. For example, if a PC is unable to reach Web sites of companies that offer anti-virus software, like McAfee, that computer may be infected.
Many experts say that it would make sense for the hackers to lay low for a few days, since computer security companies around the world are currently on high alert. Paul Ferguson, a researcher at the anti-virus company Trend Micro, says that for now, he can only watch and wait. “The big mystery is that there’s this big loaded gun out there, this network of millions of machines that’s under the control of persons unknown,” Ferguson said. “They’ve given no indication of what their motives are other than toying with people” [InfoWorld].
Cosmic Variance: The C Variant covered the Conficker worm last week
80beats: Is the U.S. Government Losing the Battle Against Hackers?
80beats: Computer Virus Travels Into Orbit, Lands on the Space Station
80beats: Russian Invasion Included the First Real Use of “Cyber Warfare”