Related
Internal Links
- Conficker: world's greatest April Fool's joke or 'digital Pearl Harbor'? (March 27, 2009)
- New Conficker worm set to attack on April 1 despite bounty (March 20, 2009)
- Microsoft offers $250,000 to nab author of Conficker worm (Feb. 12, 2009)
- Windows virus spreading quickly, but may be a dud (Jan. 19, 2009)
- Feature: Taking on the zombie botnets
External Links
- Computer Associates Conficker page
- Microsoft: Information on Conficker
- Symantec Conficker page
- Computer Troubleshooters
- Anti-virus software recommended by Computer Troubleshooters
- Anti-virus software recommended by Computer Troubleshooters
- Free anti-virus software for home use
(Note: CBC does not endorse and is not responsible for the content of external sites - links will open in new window)
Conficker is a worm that has been spreading to computers through the internet for months, and computer security experts estimate that millions of machines are infected.
There are other worms crawling the internet, but this one has made headlines in recent weeks because the latest variant of the worm, Conficker C, which was noticed in early March, is expected to launch some sort of attack on April 1, 2009 (it will check the date on a number of internet sites, so changing the date on the computer itself isn't a safeguard).
Computer security experts don't yet know what actions computers infected with Conficker C will be asked to perform and might not know until April 1.
Conficker infects computers running various versions of Microsoft Windows, especially those that have not been patched with a security upgrade issued by Microsoft in October. Once it has its "command and control" instructions, the infected computer becomes part of a "botnet" of many infected computers that take orders from those who control them, and as such, it might gather personal information, install malicious software on the computer and attack or infect other computers.
A group of internet groups and businesses led by Microsoft has offered a $250,000 US reward for information leading to the arrest of those responsible, but in the meantime, they're also urging people to make sure they have proper Windows security updates and anti -virus software installed.
Here are some things you should know about Conficker:
Names it goes by:
- Conficker
- DownadUp
- Kido
Less-common aliases:
- Worm:Win32/Conficker.A (Microsoft)
- Crypt.AVL (AVG)
- Mal/Conficker-A (Sophos)
- Trojan.Win32.Pakes.lxf (F-Secure)
- Trojan.Win32.Pakes.lxf (Kaspersky)
- W32.Downadup (Symantec)
- Worm:Win32/Conficker.B (Microsoft)
- WORM_DOWNAD.A (Trend Micro)
What can it do?
The worm disables Windows Automatic Updates and the Windows Security Center.
It makes the computer part of a "botnet" of other infected computers. A botnet, or robot network, is a group of web-linked computers — sometimes called zombies — that have been commandeered, in some instances by criminals, to perpetrate all kinds of online nastiness. Typically, a "bot" is installed on a machine through a trojan, an insidious program that can find its way into an insufficiently protected computer in a variety of ways, such as when a user clicks on a link to an infected web page or e-mail message, views an infected document, or runs an infected program. Once the bot has made itself at home, it "opens the doors" of its new host computer to its master, who can instruct the machine to engage in various nefarious activities, such as sending out spam and phishing emails or launching the distributed denial of service, or DDOS, attacks.
Conficker can gather personal information, install malicious programs on the computer and send spam to other computers.
One symptom that might indicate you are infected with the worm, according to security company Symantec, is finding that your computer is blocked from accessing the websites of most security companies.
Difference between a virus and a worm:
A virus is a small program that enters your computer inside a file that is written to alter the way a computer operates. Viruses replicate and can cause system crashes and data loss.
A worm is a type of virus that enters a computer through a weakness in the computer system and multiplies by using network flaws. Worms can replicate from system to system without the host file.
Who is vulnerable?
Windows users who haven't installed the proper Microsoft security patches and updates.
Computers that don't have up-to-date anti-virus protection.
Why the concern?
Conficker's early versions have already spread to several million computers (some estimates in March 2009 put the infection rate at around 12 million machines), and machines that had the older versions of the worm have been upgrading themselves to the Conficker-C version to protect themselves from detection and removal.
The "C" version is scheduled to come alive on April 1. At that time, copies of the malicious code on infected computers will try to generate and connect to 500 web URLs a day from a group of 50,000 across 110 domains around the world, including .ca, while trying to reach a "command and control" domain for further instructions. But nobody knows what, if anything, it will do at that point. It might use the "botnet" of computers to distribute spam or malware, or it might do nothing at all.
Who's fighting it?
A consortium of security companies and internet service providers called the "Conficker Cabal" is working to disable the worm.
Microsoft has offered a $250,000 US bounty to find the Conficker creator.
Canada's Internet Registration Authority is trying to block domains generated in Conficker code that fall in the .ca top-level domain from being used.
Compiled by Sheila Whyte, CBC NewsShare Tools
Top News Headlines
- HMCS Corner Brook collision damage extensive
- The damage done to HMCS Corner Brook when it hit the ocean floor off B.C.'s coast last summer was more extensive than first reported, CBC News has learned by obtaining exclusive pictures of the submarine. more »
- Mandatory gun sentence struck down by Ontario judge
- An Ontario Superior Court judge has struck down a mandatory minimum sentence for a first offence of possessing a loaded firearm. more »
- O Canada! 12 Flag Day stories of patriotism
- Ahead of tomorrow's Flag Day celebrations, our readers shared some of their proudest Canadian moments. Here are some of the best. more »
- UN raises fears of civil war in Syria
- Syrian government forces renewed their assault on the rebellious city of Homs on Tuesday, activists said, as the UN human rights chief raised fears of civil war. more »
Latest Technology & Science News Headlines
- Canada dropping the ozone ball, scientists warn
- Leading atmospheric scientists are warning that Canada's cuts to its ozone monitoring program are already having effects on the world's ability to monitor air quality and ozone depletion. more »
- Ban Wi-Fi in classroom, Ontario teachers union urges
- The Ontario English Catholic Teacher's Association says computers in all new schools should be hardwired instead of setting up wireless networks, citing safety concerns. more »
- How to think like a Neanderthal
- A lack of creativity and the inability to innovate may have led to the extinction of the Neanderthals, two researchers argue in a book that aims to get inside the Neanderthal mind. more »
- FBI seeks social media data mining tool
- The U.S. government is seeking software that can mine social media to predict everything from future terrorist attacks to foreign uprisings, according to requests posted online by federal law enforcement and intelligence agencies. more »
Bob McDonald's Blog
Glacier Discovery Walk: Will the visitor centre enhance the view? Feb. 10, 2012 3:17 PM Environment minister Peter Kent has announced the construction of a new Glacier Discovery Walk and visitor centre on the Icefields Parkway in Jasper National Park. It raises the issue of how to balance commercial development in our National Parks against the preservation of the last refuges of wilderness.
Quirks & Quarks
- February 11: Inside the Mind of a Neandertal Feb. 10, 2012 4:01 PM Can we get inside the mind of a species that's been dead for 30,000 years? A new book, How to Think Like a Neanderthal, suggests we can. The authors reconstruct a creature like us in many ways, but with important differences.
Latest Features
- HMCS Corner Brook collision damage extensive
- Whitney Houston's body now at N.J. funeral home
- Online surveillance critics siding with child porn: Toews
- Stanley Cup rioter seen in brick attack on cop
- Mandatory gun sentence struck down by Ontario judge
- Whitney Houston estate value set to soar
- Whitney Houston's body headed home to New Jersey
- Man pleads guilty to murder of stepdaughter, 17
- HIV-positive B.C. man jailed for assault, child porn
