1215 users online (241 members and 974 guests)  


Websleuths News


Page 1 of 3 1 2 3 LastLast
Results 1 to 15 of 39
  1. #1
    Join Date
    Sep 2004
    Location
    Not Of This World
    Posts
    21,642

    Exclamation Beware Conficker worm come April 1

    In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.


    Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.


    Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.


    Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.


    At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.


    Microsoft also offers a free online safety scan here, which should be able to detect all Conficker versions.


    http://tech.yahoo.com/blogs/null/128...-come-april-1/


    Follow me on the Twitter! @EricDiesel1972

    Deuteronomy 18:10-12 (KJV)

    10 There shall not be found among you anyone who makes his son or his daughter pass through the fire, or one who practices witchcraft, or a soothsayer, or one who interprets omens, or a sorcerer, 11 or one who conjures spells, or a medium, or a spiritist, or one who calls up the dead. 12 For all who do these things are an abomination to the Lord. (KJV)

    Follow me at my Biblical Blog: http://scripture-demystified.blogspot.com

    Baruch ha Shem Adonai.

  2. #2
    Join Date
    Sep 2003
    Location
    SWFL
    Posts
    2,909

    Thanks!

    Scanning now! I heard a tiny part of this story on the news and knew right where to turn for the details!

  3. #3
    Join Date
    Aug 2003
    Location
    Florida
    Posts
    319
    Thanks for this, DK. Making sure the Windows p/c is up-to-date, but the mac book should be good to go.

  4. #4
    Join Date
    Nov 2007
    Location
    Texas
    Posts
    4,043

    Alternate scan site

    I had a heck of a time getting Microsoft's " stuff" off my PC this AM after I installed what I thought was a scan applet on my PC.
    I would like to suggest the site that is home to Norton Security. www.symantec.com

    They offer a free PC check for both viruses and malware and will scan all of the PC or just certain files and folders of your choice.
    It took hours to deal with the Microsoft stuff. I don't recommend it except for the Update page to make sure all critical updates are installed.

    OR just use Firefox and a good AV suite with all updates on April 1- seems to be the easier thing to do. Firefox is stable and is a free Mozilla browser, not a MS program.

  5. #5
    Join Date
    Oct 2008
    Location
    New York
    Posts
    538
    Does anyone know why when I try to update Windows I get this message...

    The website has encountered a problem and cannot display the page you are trying to view. The options provided below might help you solve the problem.
    Error number: 0x8024D007

    I can't figure it out!!

  6. #6
    Join Date
    Sep 2004
    Location
    Not Of This World
    Posts
    21,642
    Maybe it was a blessing in disguise when I tried downloading IE 8 my browser stopped working altogether, which forced me to switch to Firefox.


    Follow me on the Twitter! @EricDiesel1972

    Deuteronomy 18:10-12 (KJV)

    10 There shall not be found among you anyone who makes his son or his daughter pass through the fire, or one who practices witchcraft, or a soothsayer, or one who interprets omens, or a sorcerer, 11 or one who conjures spells, or a medium, or a spiritist, or one who calls up the dead. 12 For all who do these things are an abomination to the Lord. (KJV)

    Follow me at my Biblical Blog: http://scripture-demystified.blogspot.com

    Baruch ha Shem Adonai.

  7. #7
    SewingDeb's Avatar
    SewingDeb is offline "Sorry, I'm not qualified to land the plane."
    Join Date
    Apr 2004
    Posts
    8,957
    Janet, what problems did you have? I clicked on the link for the free scan in the article and it scanned but then my internet went down and I lost the scan results when I restarted the computer. I guess I downloaded the stuff for the scan and hope it won't be a problem.

  8. #8
    Join Date
    Aug 2008
    Location
    Texas at the moment :)
    Posts
    1,933
    Can this be avoided by not going online for April 1? I really don't know about these things and how they work.
    Only my opinion, no one else need agree.

  9. #9
    Join Date
    Jan 2007
    Location
    MD 'burbs of Washington DC
    Posts
    5,900
    Quote Originally Posted by PattyCake View Post
    Can this be avoided by not going online for April 1? I really don't know about these things and how they work.
    No... 4/1 is just the date it starts running. You could avoid going online on 4/1, but as soon as you boot up on 4/2, go online and come across something carrying the worm, you will still get hit. So that is why it is urgent to get the patch.

    Or buy a Mac... (slaps my hand... bad me! Believe me, even Macs have their issues... just the script kiddies find it a waste to develop worms/viruses for us Mac users. I guess because a majority of computers in use are PCs... messing with Macs don't have much of an impact on the computer using society, I guess...)

  10. #10
    SewingDeb's Avatar
    SewingDeb is offline "Sorry, I'm not qualified to land the plane."
    Join Date
    Apr 2004
    Posts
    8,957
    If it's already on your computer, not going online on April 1st won't help.

    Here's info from Symantec:

    http://www.symantec.com/norton/theme...conficker_worm


  11. #11
    Join Date
    Jan 2007
    Location
    MD 'burbs of Washington DC
    Posts
    5,900
    Oh, so it is embedded... now those are the ones that REALLY suck... ticking time bomb programs are mean little buggers.

  12. #12
    SewingDeb's Avatar
    SewingDeb is offline "Sorry, I'm not qualified to land the plane."
    Join Date
    Apr 2004
    Posts
    8,957
    Yeah, I believe it is embedded but will activate on April 1st if your computer is already infected. I hope someone collects the quarter of a million dollars for finding the person responsible for this little time bomb.
    Last edited by SewingDeb; 03-26-2009 at 11:54 PM. Reason: corection to amount

  13. #13
    SewingDeb's Avatar
    SewingDeb is offline "Sorry, I'm not qualified to land the plane."
    Join Date
    Apr 2004
    Posts
    8,957
    On the Symantec site, it said one way to know if your computer is infected with this worm is if you are blocked from the major security sites.

  14. #14
    Join Date
    Nov 2007
    Location
    Texas
    Posts
    4,043

    What to do if you go to an infected site from a link

    Quote Originally Posted by SewingDeb View Post
    On the Symantec site, it said one way to know if your computer is infected with this worm is if you are blocked from the major security sites.
    WHOA! Yep, that would be a major sign of a badly infected computer. Scary to think about!

    BTW, a few basic things will protect people from email worms.
    First, disable the "preview" option in email. Opening emails one at a time, with the others closed in your inbox, is the best way I can describe what email looks like with the preview option disabled.
    Only open and view emails with your email AV scanning processes working, and don't open an email that looks like it's either " undeliverable" with a Mail- daemon address, a Postmaster address, or which has an attachment and is from a questionable site or unknown person. Delete them unopened.
    You can view the TRUE sender of all email by not opening the mail, but going to the menu and selecting " Properties". It will give you the sender's email address as well as the print contents while the email stays safely closed.

    Next, if anyone gets the Conflicker or like malware, or ever goes to a photo link or video link that has been corrupted by an outside force that starts multiplying or putting other nasty uncontrollable things on the screen, which happens here on WS sometimes, you will probably have to do a " hard" shut down of your PC ( pressing the OFF button quickly and holding it down until the computer shuts down instead of using the Windows shut down menu option.)

    If this happens to you like it has to me several times recently in some older cases which have corrupted external site photo or other news media links, you should protect your computer as best as possible with a safe and limited restart.
    To protect your files and hard drive, restart your PC only in SAFE mode, and run a full system AV/ Malware scan before doing anything else, including before starting your web browser or opening your email program.
    If you find anything, let your program remove it if possible. Don't do a System Restore with any " bugs" still showing up in a system scan. You'll just corrupt your last System Restore point. That date will have to be deleted from the " System Restore" calendar menu.

    How to start your computer in SAFE MODE with Windows XP:
    During start up, hold down the F8 key. The computer will tell you that it is starting up in safe mode and that all features and functions will not be available.

    How to start your computer in SAFE MODE with Windows VISTA:
    To get into the Windows Vista Safe mode, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode" and press your Enter key.

    With some computers if you press and hold a key as the computer is booting you will get a stuck key message. If this occurs, instead of pressing and holding the "F8 key", tap the "F8 key" continuously until you get the startup menu.

    I hope we all stay safe, but I am finding lots of older case media links with badly compromised malware on the re-directed sites. It's not the fault of anyone on WS, but something that happened with the outside source page.

    Maria

  15. #15
    Join Date
    Feb 2009
    Location
    California
    Posts
    6,871
    Bump...
    .... ....... My posts are my opinion, only.

Page 1 of 3 1 2 3 LastLast


Similar Threads

  1. Beware the Santa worm on your IM'r!
    By Norma in forum Up to the Minute
    Replies: 0
    Last Post: 12-21-2005, 06:00 AM