Huge computer worm Conficker stirring to life

Apr 09, 2009

(AP) -- The dreaded Conficker computer worm is stirring. Security experts say the worm's authors appear to be trying to build a big moneymaker, but not a cyber weapon of mass destruction as many people feared.

As many as 12 million computers have been infected by . firm Trend Micro says some of the machines have been updated over the past few days with fake antivirus software - the first attempt by Conficker's authors to profit from their massive "botnet."

Criminals use bogus security software to extort money. Victims are told their computers are infected, and can be fixed only by paying for a clean-up that never happens.

Conficker gets on computers through a hole Microsoft patched in October. PCs set up for automatic Windows updates should be clean.

©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Explore further: Apple helps iTunes users delete free U2 album

add to favorites email to friend print save as pdf

Related Stories

Don't fret about Conficker: Here's what to do

Mar 31, 2009

(AP) -- The Conficker worm, a nasty computer infection that has poisoned millions of PCs, will start ramping up its efforts Wednesday to use those machines for cybercrimes. It's unclear whether everyday PC users will even ...

Conficker Worm Prepares For A New Release On April 1

Mar 27, 2009

(PhysOrg.com) -- The conficker worm created havoc last year when it infected over 10 million computers on a global scale. The unique design of the conficker worm allowed for this large scale attack to over ...

Conficker worm digs in around the world

Apr 01, 2009

Computer security top guns around the world watched warily as the dreaded Conficker worm squirmed deeper into infected machines with the arrival of an April 1st trigger date.

Recommended for you

A Closer Look: Your (online) life after death

13 hours ago

Sure, you have a lot to do today—laundry, bills, dinner—but it's never too early to start planning for your digital afterlife, the fate of your numerous online accounts once you shed this mortal coil.

Web filter lifts block on gay sites

13 hours ago

A popular online safe-search filter is ending its practice of blocking links to mainstream gay and lesbian advocacy groups for users hoping to avoid obscene sites.

Protecting infrastructure with smarter CPS

20 hours ago

Security of IT networks is continually being improved to protect against malicious hackers. Yet when IT networks interface with infrastructures such as water and electric systems to provide monitoring and control capabilities, ...

Apple helps iTunes users delete free U2 album

Sep 15, 2014

Apple on Monday began helping people boot U2 off their iTunes accounts after a cacophony of complaints about not wanting the automatically downloaded free album by the Irish rock band.

Habitual Facebook users: Suckers for social media scams?

Sep 15, 2014

A new study finds that habitual use of Facebook makes individuals susceptible to social media phishing attacks by criminals, likely because they automatically respond to requests without considering how they are connected ...

User comments : 8

Adjust slider to filter visible comments by rank

Display comments: newest first

NeilFarbstein
1 / 5 (2) Apr 09, 2009
the military is looking for trouble. They are going to run all of their computers and battlefield robots and sensors with one source code. One breach of security with a worm could kill the whole army on a battle field. Singapore could really be the mouse that roared if they continue on that path. Anyone have any comments?
earls
3 / 5 (1) Apr 09, 2009
Fight fire with fire... Deploy a worm that fights the worm(s). Rival "hackers" do it all the time.

A robotic immune system per se... That's what they need, Neil.
Soylent
3 / 5 (2) Apr 10, 2009
Well, it's not that hard to find and fix all potential holes big enough for a worm to crawl through in a given, small piece of code.

There are two things which makes this impossible for production software. Partly it's the sheer magnitude of code, we're talking many tens of millions of lines of source code. And partly it's all the unexpected interactions; two functions might behave exactly according to design documents but the usage of them toghether can still cause problems.
jonnyboy
1 / 5 (1) Apr 10, 2009
the military is looking for trouble. They are going to run all of their computers and battlefield robots and sensors with one source code. One breach of security with a worm could kill the whole army on a battle field. Singapore could really be the mouse that roared if they continue on that path. Anyone have any comments?


Just one, you are an idiot!
superhuman
not rated yet Apr 10, 2009
If what is stated here is true then just follow the money to get to the author.

There are two things which makes this impossible for production software. Partly it's the sheer magnitude of code, we're talking many tens of millions of lines of source code. And partly it's all the unexpected interactions; two functions might behave exactly according to design documents but the usage of them toghether can still cause problems.


I don't know where you got those ideas but they are wrong, it might not be easy but it is *certainly* possible to make 100% secure software no matter it's size. It just takes time and money. Of course you have to use a special kind of language which specifies every last detail of every interface and which can be logically evaluated so that security can be mathematically proved.

One thing limiting this approach is that security has to be the focus from the start so you have to use a special language and compiler and write your own operating system in it. Eventually such systems will replace current OSes in security critical areas, computer hardware can easily handle the overhead nowadays.
x646d63
not rated yet Apr 10, 2009
If what is stated here is true then just follow the money to get to the author.


That is a sensible statement, although many times work is done for hire.

I don't know where you got those ideas but they are wrong, it might not be easy but it is *certainly* possible to make 100% secure software no matter it's size.


No, it is not. It is neither economical nor feasible to even consider writing "perfect" software for commercial purposes.

Functional languages exist for the purpose of writing provable applications, not for the purpose of writing word processors.

Anyone who expects to produce "perfect" software (of significant magnitude) never finishes such.
NeilFarbstein
1 / 5 (1) Apr 13, 2009
If what is stated here is true then just follow the money to get to the author.
















That is a sensible statement, although many times work is done for hire.















I don't know where you got those ideas but they are wrong, it might not be easy but it is *certainly* possible to make 100% secure software no matter it's size.
















No, it is not. It is neither economical nor feasible to even consider writing "perfect" software for commercial purposes.















Functional languages exist for the purpose of writing provable applications, not for the purpose of writing word processors.















Anyone who expects to produce "perfect" software (of significant magnitude) never finishes such.















It's a huge hole in the defense network of the future and physically captuirng computers from our side can make it even easier to crack codes and crash military operations. All real software has problems and holes that can be opened by hackers.



NeilFarbstein
1 / 5 (1) Apr 13, 2009
the military is looking for trouble. They are going to run all of their computers and battlefield robots and sensors with one source code. One breach of security with a worm could kill the whole army on a battle field. Singapore could really be the mouse that roared if they continue on that path. Anyone have any comments?




Just one, you are an idiot!

the military is looking for trouble. They are going to run all of their computers and battlefield robots and sensors with one source code. One breach of security with a worm could kill the whole army on a battle field. Singapore could really be the mouse that roared if they continue on that path. Anyone have any comments?




Just one, you are an idiot!


Don't call me an idiot.
My opinions are important. Normal people will listen to my warnings.
There was an FBI agent that erased all the messages warning about an attack on the world trade center.
You have the same attitude