New homeland security tool to detect Conficker worm

Mar 30, 2009
The US Department of Homeland Security released a tool to detect whether a computer is infected by the Conficker worm

The US Department of Homeland Security released a tool on Monday to detect whether a computer is infected by the Conficker worm.

The department, in a statement, said the detection tool for the Conficker worm, also known as DownAdUP, had been developed by the US Computer Emergency Readiness Team (US-CERT).

"While tools have existed for individual users, this is the only free tool -- and the most comprehensive one -- available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm," said US-CERT director Mischel Kwon.

"Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation's critical networks and systems, both from this threat and all others," he added.

The worm is suspected to have infected million of computers running the and Windows maker Microsoft has offered a 250,000 dollar bounty for those responsible for the worm.

US-CERT recommended that Windows users apply Microsoft security patch MS08-067 to help provide protection against the worm.

The patch is designed to prevent an attacker from remotely taking control of an infected computer system and installing additional .

Malware could be triggered to steal data, generate spam attacks or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

The worm is programmed to modify itself on Wednesday, April Fool's Day, according to specialists.

Conficker had been programmed to reach out to 250 websites daily to download commands from its masters, they said, but on Wednesday it will begin connecting with 50,000 websites daily for instructions.

The hackers behind the worm have yet to give it any specific orders.

"That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions," Steve Trilling, vice president of security firm Symantec, told the CBS program "60 Minutes" in a story aired on Sunday.

More information:
-- US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 (www.microsoft.com/technet/security/Bulletin/MS08-067.mspx) as quickly as possible to help protect themselves from the worm.

-- Instructions, support and more information on how to manually remove a Conficker/Downadup infection from a system have been published by major security vendors. Each of these vendors offers free tools that can verify the presence of a Conficker/Downadup infection and remove the worm:

Symantec:
www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
Microsoft:
support.microsoft.com/kb/962007
www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

(c) 2009 AFP

Explore further: Hackathon team's GoogolPlex gives Siri extra powers

add to favorites email to friend print save as pdf

Related Stories

Conficker Worm Prepares For A New Release On April 1

Mar 27, 2009

(PhysOrg.com) -- The conficker worm created havoc last year when it infected over 10 million computers on a global scale. The unique design of the conficker worm allowed for this large scale attack to over ...

Downadup Worm Hits Over 3.5 Million Computers

Jan 16, 2009

(PhysOrg.com) -- Security firm F-Secure has advised that the Downadup worm has spread to more than 3.5 million computers by exploiting a vulnerability Microsoft patched last October. This is achieved by trying ...

Help! How to avoid fast-moving computer worm

Jan 28, 2009

Since early January, a worm that has been referred to by several names, including "Downadup," "Kido" and "Conficker," has been infecting millions of computers around the world. The worm exploits a previously discovered vulnerability ...

No foolproof way to beat virus attack for now

Aug 17, 2005

Microsoft continues to be the prime target for those intent on wrecking havoc in cyberspace, but for now the software giant argues that only it can save users from computer-virus attacks.

Recommended for you

Hackathon team's GoogolPlex gives Siri extra powers

10 hours ago

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 5

Adjust slider to filter visible comments by rank

Display comments: newest first

atphan
5 / 5 (2) Mar 30, 2009
Hopefully as our populace becomes more internet and computer savvy, things like this will have less impact.



http://blog.benchside.com
atarikg
1 / 5 (1) Mar 30, 2009
I hate that kinda hackers and I hate why those Anti-Virus Softwares are too expensive. They are not affordable...
shyataroo
3.5 / 5 (2) Mar 31, 2009
Its probably just going to continue asking for instructions until it has enough computers to do whatever it needs. (hacking the CIA database?)
Doug_Huffman
2.3 / 5 (3) Mar 31, 2009
Yeah, right, I'm going to load a free government provided snoop-my-computer program, this after Echelon and Carnivore and all. Right. Fools.

Prepare to be assimilated by the BOG Obongo. Resistance to Obamination is futile. BOG Brother is watching - OBEY!
RayCherry
not rated yet Mar 31, 2009
Hopefully as our populace becomes more internet and computer savvy, things like this will have less impact.


The only current solution is to disconnect, but like social isolation, this is only part of the solution.

With the government providing a response to this virus, it is an indication of the threat posed by millions of interconnected computing devices under only partial control of their owners. Operating system developers, software distributors and retailers are currently ineffective in limiting the opportunities for large scale computing under corrupt or criminal control. The end users are insufficiently educated, and the commercial market can not afford to deter new consumers with a steep obligatory learning curve about Internet security. Hence, none exists apart from annoying and completely evadable pop-up warnings, (if anything at all), and the eventual disfunctionality of the computer due to viruses 'contracted'.

The virus writers are not going to stop. It is subversive science, but science none the less. Trial and error, measured success, progress and evolution. Organic and openly available to any inquisitive mind.

More, it has a commercial value that was recognised many years back by software companies ... the more viruses, the more anti-virus market. Worse, organised crime will use viruses, and the authors of them, to make money estimated to be far in excess of the profits of anti-virus software. Last, (if conspiracy like), we have only to imagine what governments world-wide are doing with this portal into our lives - and into each others national boundaries.

The fact is, most computer users are playing and socialising with a tool that can, if used correctly, bring a country/economy temporarily to its knees.

Who knows? Perhaps it is happening right now.

Paranoia is not going to help. Is the Internet, (and all that available raw computer processing power), as much a risk as a benefit? That is the question.

More news stories

White House updating online privacy policy

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Scientists tether lionfish to Cayman reefs

Research done by U.S. scientists in the Cayman Islands suggests that native predators can be trained to gobble up invasive lionfish that colonize regional reefs and voraciously prey on juvenile marine creatures.

Six Nepalese dead, six missing in Everest avalanche

At least six Nepalese climbing guides have been killed and six others are missing after an avalanche struck Mount Everest early Friday in one of the deadliest accidents on the world's highest peak, officials ...

Better thermal-imaging lens from waste sulfur

Sulfur left over from refining fossil fuels can be transformed into cheap, lightweight, plastic lenses for infrared devices, including night-vision goggles, a University of Arizona-led international team ...