Nightmare on April Fool’s

In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

Malware creators love to target April Fool’s Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we’ve seen in years.

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent… though no one is quite sure exactly what it will do when D-Day arrives.

Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm’s code as they attempt to engineer a cure or find the writer before the deadline.

What’s known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything’s possible.

Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.

Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day — which security researchers and ICANN simply bought and/or disabled — but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can’t be tracked and disabled by hand.

At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.

Microsoft also offers a free online safety scan here, which should be able to detect all Conficker versions.

[Yahoo!]

Run you fools! The Conficker cometh!

I really want to get that quarter million reward for myself, but whoever made something as scary as Conficker would probably be devious and scheming enough that it’d be a waste of time trying to track his April Fool’s ass down.

So maybe I’ll just update my OS and anti-malware – my Windows and ESET NOD32 in all their counterfeit, hacked version glory (this is the Philippines after all, 99 out of a hundred PCs have hacked software – what people commonly call pirated). I just hope that Conficker thingy is allergic to pirated stuff.

And I think that maybe the techies just blew this thing out of proportion – maybe the dreaded scenario won’t play itself out after all. Maybe it’s just some elaborate April Fool’s joke played out on the masses, and all Conficker really does is make a porn site the default homepage of your Firefox.

But then again if it really is real, then we better start running around and screaming at the top of our lungs, because Confucker Conficker will fuck fick us up.


~ by Kevin on March 25, 2009.

6 Responses to “Nightmare on April Fool’s”

  1. […] Cabal is in pursuit of the author of the malware and hopes to minimize potential damage to folks April Fool’s Conficker Nightmare – foolishblog.wordpress.com 03/25/2009 In an event that hits the computer world only once every few […]

  2. hahaha..
    i remember the buzz they created with the y2k bug..
    and then look what happened.
    but i guess, i should do some back-ups of my own,
    just in case worst comes to worst.

  3. Yeah exactly. These techie pros are always fond of giving out doomsday scenarios that usually never pan out. With all the hype surrounding the supposedly devastating y2k bug, it was such a letdown when the millennium came around. I feel this conficker thing is almost the same old story all over again. But I updated everything already anyway haha

  4. Fortunately not all platforms are affected by things such as this and that makes some people think that it’s one big conspiracy.

  5. I even think it is. Just as tsktsk said above, it seems to be the y2k bug scare all over again.

  6. hi kevin,

    thanks for dropping by to my site. your blog is neat and spontaneous. i like the way you convey your thoughts. sure you can add me, i’ll add you too.

    keep blogging!

    rica.
