The hackers behind the worm have yet to give it any specific orders. "That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions," Steve Trilling, vice president of security firm Symantec, told the CBS program "60 Minutes" in a story aired on Sunday.
Do YOU know what Conficker is? You Should...
According to Wikipedia, Conficker is a computer worm virus that surfaced in October 2008 and has 4-5 iterations existing in the wild. It is also known as Downup, Kido, and Downadup.
How do I know if I have Conficker? Conficker gets into your PC and then stops you from being able to visit anti-virus and anti-spyware websites. Conficker also has the uncanny ability to copy itself when you reboot your machine.
Conficker's intended sinister attack is as-yet unknown, however, Leslie Stahl of 60 Minutes reported on Sunday that Conficker's intended use is to lie in wait, collecting every keystroke we make on our machines, and then report that data to a host. The danger is that most of us log in to financial websites, credit card accounts, online banking, and make purchases online, and then our identity can be stolen.
The sad part is that Conficker's attack could have been prevented...The patch that closes the loophole was actually available from Microsoft months before Conficker hit cyberspace. The Microsoft Windows patch, MS08-067, can be downloaded on machines that are not infected to protect it from Conficker's wrath. However, if you haven't downloaded that patch, your detection and removal will be more difficult.
The difficulty comes in Conficker's own programming, but this may also be a key to it's neutralization. Once Conficker detects a system where MS08-067 has not been applied, it installs itself and then applies a specialized version of MS08-67 that's meant to make everything look kosher. But - and this is a big BUT - network technicians discovered over the weekend that server and computer behavior look a lot different than they should where Conficker has installed itself.
The bottom line is if you an visit Symantec, McAfee, or other anti-virus sites, it's likely you don't have Conficker. However, most of these sites have free Conficker Removal Tools. And, it's always a good idea to download automatic updates from Windows to ensure you are protected against attacks.
Since Conficker can stop automatic Windows updates, take the time now to open your Windows Explorer Browser, Click Tools, and then Click Windows Update to be sure you have the most updated software available.
For a link on how to remove Conficker directly from Microsoft, click here. Happy Computing!
Posted By: Christianne Gordon - Northern Nevada Real Estate Agent - Realtor with RE/MAX Realty Affiliates, specializing in Carson Valley Real Estate and Northern Nevada Real Estate.
I wish they would feature this. There is more info at the microsoft site: http://support.microsoft.com/kb/962007
Thanks for the info. I read today that some of the conflicker virus didn't wait and "messed up". At the office we had a computer that would fill up with spyware ads and shut the computer down. I read this is one of the conflickers that failed. That one would not allow the computer to do anything but load the spyware ad.
Christianne- I guess I don't have it I'm able to update my anti-virus. I guess I'll be able to tell tomorrow if it happens.
Christianne,
Thanks for the article!
Russell,
I have seen numerous people writing about this today and when I mentioned it to Jon he gave me a directive: Find a post about it and feature it so as many people as possible are made aware. (It's a joke around the office that I don't take orders from Jon, but this one seemed important enough)
Christianne....I just read a post before yours. I'm glad I read yours. I take it as long as we're update date on our anti-virus we should be ok. When.....will these people stop creating this stuff!!!
I will certainly make sure my entire office is up to speed on this NOW.
Thanks so much!
Anna Banana, Phoenix, AZ
Christianne,
I appreciate your update. I am new to Active Rain but I am quickly learning from lots of fine folks like you already.
Bob Murphy
Thank you for the post. I've read a little about it today and now I'm off to update.
Thanks for posting this I have been so busy all week I have only heard bits and pieces. I use a Mac but have to use IE for my MLS so I will not log on for a few days.
These folks make me sick.
I wish I could do all the updates, but the latest update for IE is not compatible with our MLS. You would think they would have resolved this.
I have updated my anti virus program, and now I wait.
I don't feel sick...
Read some info on yahoo today. Evidently, leaving your computer off tomorrow won't help.
Nasty worm for sure. I use McAfee and it automatically scans and updates all the time. While it slows down my computer when it is scanning it is well worth it.
As long as you have Main Stream Anti-Virus protection on your computer, and it is up to date, AND it's running, you have nothing to worry about from this Virus.
All of the Anti-Virus companies are all over this thing.
The viruses you have to worry about are the ones the Anti-virus people don't yet know about. Good Anti-Virus software knows what to look for in new Virus infections too, so most of the time when new, unheard of viruses come on the scene, your anti-virus program will catch them too. It's the new viruses that use new techniques that are the real threat. It can take several hours for the anti-virus companies to get a hold of a copy of a new virus and sometimes several more hours to come up with prevention. If you are unlucky enough to be one of the first to receive one of the new, unknown and unique viruses, you are vulnerable.
Most of you may not recall the "Love Letter" Virus, but I certainly do. I was working for Trend Micro doing World Wide support for their Exchange Server Anti-Virus product (business email anit-virus). The Love Letter viruse was new, and our software didn't know how to deal with it. It spread soooo fast that it was bringing entire company's email servers down. We are talking hundreds of thousands of email accounts. Some very well positioned companies, some in the computer bussiness that are still large today. I won't mention any names, but one of them used a three letter Accronym, another only 2 letters.
To be fair to Trend Micro, an excellent company with great products, No one's software was capable of stopping the Love Letter Virus in the first couple of days.
I had IT guys across the globe yelling at me!!! Talk about stress - Real Estate is NOTHING compared to that.
Paul McDuell - Microsoft Certified System Engineer....
thanks Christianne, just heard about this little gem. I had to use the unistall tool from Norton. My Microsoft updates were current. Interesting. Hope that the reinstall works for my Norton!
Thanks for the information. I'm making sure I'm updated.
I have been reading a lot, but hadn't seen a good wrap.. this one was excellent. I am pretty sure I am up to date... and I can visit A|V sites, so I should be good. Updating Windows just to be sure.
This is the first that i have heard of this one but ill be on the lookout
I've heard people say they're not turning on their computers at all tomorrow. I'll be curious to see what happens.
I think if you have good anti virus on your computer you are ok.
Patricia NH Real Estate
Paul, i do remember the Love Letter. that thing was a kick-ass virus. I remember trying to remove it from 7,000 computer when i had a 9-5. but after being in technology for so long, I found the light and the truth....it's a little white box with the logo of an apple partially bitten. have you heard of it, it's called a MAC?
Thanks Christiana for the update. I'v been hearing about this virus for a month or so. I guess April 1 is D-Day, so to speak, so thanks for being vigilant, and keeping us aware.
Much thanks
Kathy B
This thing has me so freaked out I'm not going to turn my home computer on tomorrow. Office only.
Thank you for this - I ran some of the updates from Microsoft - hopefully it will WORK!
We have McAffe on our PC, and I use a Mac, but my mom called me to tell me about this since we've been out of town. I was glad to read your blog and all of the details regarding how the virus works.
Thanks!
Golly! I better spend the whole day tomorrow without my computer. I better put that in my calendar so I don't forget. What is the date tomorrow?
"Buy a pc instead of a mac day!" ;-P
But really, Good luck everybody. I hope this doesn't get any of us.
Our realtor association sent an email out to everyone today warning us about this ..Thanks for the heads up especially for those that were not warned.
Hi Christianne~ Thanks for the warning and head up. I am off to make sure my computer is updated!
Christianne - Well my friend if my computer gets infected I guess I'll just pack up my bags and head to the beaches in Belize! :-)
Hi Christianne -- Great post, and very informative, thank you.
Wonderful information, Christianne. We're pretty good about keeping our computers up to date with this stuff. One can't be too careful, and it's wonderful that you are sharing the news this way!
years ago I had the sasser b worm and I haven't connected to the office network since.
I read an article on conficker several weeks ago in the Wall Street journal and did a blog post on it. According to the journal it has gotten into several military insiallations around the world. It is good to hear that it can be removed and also prevented.
Christianne, it's all over the news. Have these boys nothing better to do than invent these worms. I heard that Microsoft is offering a $250,000 reward for information leading to the capture of those propagating out the virus. ;-)
I've been busy updating my anti virus on all computers today. Hopefully that will solve the problem.
Christianne,
You can never be too careful out there in the Internet land. These Confickers and company keep getting more sophisticated and more dangerous. Thanks for the update.
YIKES ! Great information.. thanks for sharing this information. I had no clue.
Checking on the patch right now.
I had always kept the Automatic Windows update turned on my computer settings, until recently. I didn't turn it off, but it was off. I think someone in IT support did it. I spent hours and hours running updates on my laptop and desktop today.
Perhaps we can all turn the computer date back a day -- wait until April 2 and then reset the date -- of course i addition to all the other precautions of being sure anti virus is updated and security updates are all set also. Just a thought.
Thanks for the post! Yes, I am fortunate enough to know about it and better yet already protected against it. Unfortunately, I don't know the person that created it otherwise I would be responding to Microsoft instead in hopes of collecting their $250,000 reward!
Thanks for sharing this- I updated my antivirus programs today!
Thanks for the tips Christinianne, i hope the conficker virus does not affect my computer and I will check it out
Great article and update, Christianne. I am updating my computer today. Thanks for sharing.
I think? I hope? Stay off the computer for a few days?
Rainers!!!!!!!!!!! We are the most informed generation ever.
We know what to do. There is no excuse for thinking and hoping!
KNOW and DO!
It is pretty scary to think that people can tap into your computer and get all your passwords to banking accounts ect. I have all the protection but it still makes you wonder.
I think they should drag these people into the street and let us all put worms in them! Its crazy to have a 2000.00 machine maliciously destroyed for fun!
The last thing I did last night was re-run all my anti-virus programs and ensure I have the latest updates. I am definately moving to a Mac the next time I need to upgradee my laptop. My son just got a new Macbook and he swears by it. He's particulary happy about the time it takes to boot up (seconds versus minutes)
Christianne...
I read about this somewhere else yesterday. I then spent a few moments to do one of the most important things you can do to protect yourself from worms like this one. Disable Remote Assistance. I've been taught that many of these viruses go in our back doors. I also checked to make sure I had the patch and my AVG was current. Of course being as anal as I am everything was in order. Having once lost everything on my pc due to my own stupidity, I promised myself 'never again'. So far so good :)
TLW...ROAR!
Christianne, well how about that? they did feature this and thanks again for posting!
Jonathan, LOL, I never know what is going on at the world headquarters but please keep up the good work!
Fortunatley, I do get automatic updates and I can access both those web sites. Now we need to find the jerk who invented this non-sense and put him in jail.
Thanks Christianne! You have done many people a huge favor!
Best regards from Boston, MA!
Judy Boyle
Thanks for taking the time to write. I seem to have avoided this worm; ran the check yesterday-came up clean-no apparent problem today. I hope I never regret doing my banking online!
I backed up last night and emptied my cachce (I hate doing that because it erases my passwords) in preparation. I also updated avast, and did a virus scan.
I've always been ultra cautious online, and a lot of it is common sense. So far, so good. Thanks for the update and detailed info, Christianne!
I guess the only other thing I should have said was MAKE A BACKUP of your data...DOH! I know I did, and gladly, I do not (appear to) have Conficker! But I neglected to tell everyone to regularly make a backup of your data...I guess I'll save that for another post...
Christianne,
Thanks for the additional information.
In addition to anti-spyware and anti-virus software, I have a firewall setup that monitors not only what is coming in, but what is going out.
Christianne - Glad you posted this for the folks that haven't heard about it yet. Thanks for the links as well to fix it. It sure is getting the hype on the news. Scary cyber stuff going on out there.
Christianne - I believe Brad did a post on this worm a few months back but I can't find it now. Maybe confickr got it. lol
Back up Back up shold be today's mantra....
I couldn't agree more. I actually just wrote a great post about backing up and you can find it here!
Insert Disaster (HERE). Do You Know Where Your Data Is?
Whew, I hope all this hype is for not but I certainly made sure that I was protected. Thanks for the post.
Thank you for the information! What an insidious virus. The responses were also really helpful.
Excellent information, thank you
Christianne - Thanks for the info. I've printed it out and I've sent it out to lots of people. Very Informative!
Thanks- Kathy
Hey Christianne!
This seems to be all over the tech world. I wonder how it's all going to pan out? It hasn't hit us yet, but it does seem like something big is in store for the worm. Yikes!
-Lisa
Cornficker looks pretty crazy, I really don't think (hope?) it'll play out quite as bad as people are fearing. Days like this make me grateful I switched to Mac 6 years ago :)
Thank you for the heads up. It is frustrating that we need to continue to stay ahead of these things.
I had to scroll back up to make sure you were a Realtor, not a security expert. Very impressive knowledge and very helpful.
Always keep your computer up to date. Not just Microsoft patches but your Antivirus as well. Other software on most computers such as JAVA, Adobe Acrobat, Hewlett Packard products, and numerous others have automatic updates. Make sure they are all turned on.
My computer stays on all night looking for updates and taking several hours to do full virus. spyware, and adware scans. Can't be too careful these days
Thanks! I never did like worms! : )
We all need to be careful! Very Helpful! ~ JC
Wish I had thought to write this post! I have been warning folks in my office for a while about this. Thanks for taking the time to write it up.
Christianne, thanks for the info.
Ocassionally, I get touched by the conspiracy theorist bug which makes me wonder...who is to gain by these types things - or, sometimes more importantly, the threats alone?