Conficker Computer Worm Threatens Chaos
Or Is It Just an April Fool's Joke? Security Groups Unite to Stop It
March 25, 2009
Somewhere out there, perhaps in Eastern Europe, perhaps next door to us, a very clever hacker is spreading a sophisticated little computer worm called Conficker.
It could make an electronic mess as it spreads from one computer to another, taking over machines and commanding them to do things their users never intended.
"We've got some bad guys out there who are extremely sophisticated," said Merrick Furst, a professor at Georgia Institute of Technology who also chairs an Internet security firm called Damballa. "There are a huge number of machines that might be able to be controlled by people other than the owners of those machines."
Who is behind this computer attack? And what do they want from us? Are they trying to bring the world's computers to a halt? Or is the whole thing just some elaborate April Fool's joke?
"It's not an April Fools prank," said Phillip Porras, a program director at SRI International, a major technology research firm. "We don't know much about how Conficker is being used. We are not sure why Conficker was built."
Small but Sophisticated
"The vast majority of threats we see today are attempts to steal confidential information. We know there's a large underground economy where personal information is sold," said Dean Turner of the online security firm Symantec.
Conficker is a small computer program that has made its way around the world, probably infecting millions of computers that run on Microsoft Windows.
It is not, strictly speaking, a computer virus. Instead, it may link an infected computer with others as if they were one giant, coordinated machine, known to computer scientists as a botnet.
The program automatically turns off various security settings built into Microsoft Windows. It seems to block users from going to major Web sites that provide anti-virus protection. And -- maddeningly -- it contains instructions for infected computers to contact a control system, somewhere out there in cyberspace, on April 1.
As for whether something will actually happen on that day, there's no saying.
"The big thing that makes this one creepy is that it's adapting to the defenses that the security community is putting up," said Dan Kaminksy, a computer security consultant for Seattle-based IOActive, Inc.
Will it affect your personal computer at home? Kaminsky said probably not. Instead, security experts suspect it will go after corporate networks, especially if they run older versions of Windows.
Computers that run on Apple's operating systems, or on the free system Linux, are apparently not affected.