Conficker worm plays no tricks on April Fools' Day
THE Conficker worm's April 1st trigger date came and went without the bedeviling computer virus causing any mischief but security specialists warn that the threat is far from over.
Conficker did just what the "white hats" tracking it expected -- the virus evolved to better resist extermination and make its masters tougher to find.
"There are still millions of personal computers out there that are, unknown to their owners, at risk of being controlled in the future by persons unknown," said Trend Micro threat researcher Paul Ferguson.
"The threat is still there. These guys are smart; they are not going to pull any obvious strings when there are so many eyeballs on the problem."
A task force assembled by Microsoft has been working to stamp out the worm, referred to as Conficker or DownAdUp, and the US software colossus has placed a bounty of 250,000 dollars on the heads of those responsible for the threat.
The worm was programmed to evolve on Wednesday to become harder to stop. It began doing just that when infected machines got cues, some from websites with Greenwich Mean Time and others based on local clocks.
The malicious software evolved from East to West, beginning in the first time zones to greet April Fools' Day.
Conficker had been programmed to reach out to 250 websites daily to download commands from its masters, but on Wednesday it began generating daily lists of 50,000 websites and reaching randomly 500 of those.
The hackers behind the worm have yet to give the virus any specific orders. An estimated one to two million computers worldwide are infected with Conficker.
The worm, a self-replicating program, takes advantage of networks or computers that haven't kept up to date with security patches for Windows RPC Server Service.
Comments