• On TV.com: TOP 10 Shows CANCELED Too Soon
April 12, 2009 7:04 AM PDT

Windows users brace for Conficker's wiggle

by CNET News staff
  • Font size
  • Print
  • 32 comments
roundup The Conficker worm is keeping security experts on their toes, trying to scope out exactly how and when it might strike.

Ounce of protection
Rid your computer of Conficker
It's a frustrating but not insurmountable problem. This guide will walk you through how to cleanse your computer and inoculate against other Conficker variants.

Report: Conficker worm bites University of Utah

More than 700 computers at the University of Utah, including those at its three hospitals, have been infected with the worm.
(Posted in Security by Natalie Weinstein)
April 12, 2009 7:04 AM PDT

Conficker also installs fake antivirus software

In addition to dropping a mystery payload on infected machines, the Conficker worm installs software that tries to dupe people into paying nearly $50 for fake antivirus software.
(Posted in Security by Elinor Mills)
April 10, 2009 4:00 PM PDT

Researchers say Conficker is all about the money

Conficker's ties to a large spamming and password-stealing botnet give credence to the speculation that money, and possibly malicious Eastern European hackers, are behind the latest Internet worm infection.
(Posted in Security by Elinor Mills)
April 9, 2009 11:43 AM PDT

Conficker wakes up, updates via P2P, drops payload

Conficker is updating itself on infected computers via peer-to-peer technology and is programmed to stop running on May 3, Trend Micro researchers say.
• Podcast: Conficker using P2P to spread payload
(Posted in Security by Elinor Mills)
April 8, 2009 3:27 PM PDT

Eye chart can help diagnose Conficker

April Fools' Day passed with much angst over and little action from the Conficker worm, but that doesn't mean it's not a threat. Quickly determine if you're infected with this "eye chart."
(Posted in The Download Blog by Seth Rosenblatt)
April 3, 2009 5:36 PM PDT

All quiet on the Conficker front. Now what?

Just because Conficker was quiet doesn't mean it won't act in the future, turning unsuspecting PCs into spam-sending drones or stealthily stealing passwords from people, experts say.
(Posted in Security by Elinor Mills)
April 1, 2009 8:05 AM PDT

Countdown to Conficker--a bust so far

Researchers say the worm is awake on computers in Asia where it's already April 1, but so far it hasn't taken much action. We'll keep you updated here.
(Posted in Security by Elinor Mills)
April 1, 2009 6:35 AM PDT

Podcast: Worm 'phoning home' but getting no answer

Security watchers at McAfee say that Conficker is trying to communicate with master computers but isn't getting through.
(Posted in Larry Magid at Large by Larry Magid)
April 1, 2009 5:21 AM PDT

Conficker flaw reveals which computers are infected

Researchers find flaw in Conficker that lets them detect which computers have the legitimate Microsoft patch and which were "patched" by the worm itself.
• Conficker demonstrates complexity of IT security
(Posted in Security by Elinor Mills)
March 30, 2009 1:54 p.m. PDT

Podcast: Conficker worm dissected

David Perry, education director of Internet security company Trend Micro, discusses the implications of the worm.
(Posted in Larry Magid at Large by Larry Magid)
March 30, 2009 11:04 p.m. PDT

Conficker worm might originate in China

A Vietnamese security firm concludes that the Conficker worm has the same root as the Nimda, which the firm believes originated in China.
• Malware probes find a China angle
(Posted in Security by Dong Ngo)
March 29, 2009 7:30 p.m. PDT

'60 Minutes': What's next for the Conficker worm?

A report on the CBS News television news program examines one of the Internet's most dangerous computer worms.
(Posted in Security by CBS Interactive staff)
March 29, 2009 7:00 p.m. PDT

FAQ: Conficker time bomb ticks, but don't expect boom

Worm's latest variant is set to start hitting random domains on April 1. But security experts say the damage might not be as serious as the hype suggests.
• U.K. parliament computers get Confickered
(Posted in Security by Elinor Mills)
March 25, 2009 5:10 p.m. PDT


Watch CBS Videos Online

Previous coverage

Latest Conficker worm gets nastier

Conficker.C blocks access to protective services, downloads a Trojan, and is programmed to seek out 50,000 domains on April 1, as the authors of the worm try to outsmart security vendors.
(Posted in Security by Elinor Mills)
March 13, 2009 1:22 p.m. PDT

Conficker worm targets Southwest Airlines site

Those flying Southwest Airlines on March 13 were expected to have trouble doing online check-in as the site is being targeted by the Conficker worm, security expert says.
(Posted in Security by Elinor Mills)
March 2, 2009 1:06 p.m. PST

New variant of Conficker worm circulates

New variant of Conficker opens backdoor on infected machines that attacker could use to install malicious programs later.
(Posted in Security by Elinor Mills)
February 23, 2009 4:13 p.m. PST

Microsoft offers $250,000 reward for Conficker arrest

Software giant offers bounty for arrest and conviction related to Conficker Internet worm that spreads via Windows hole, USB drives, and network shares.
(Posted in Security by Ellinor Mills)
February 12, 2009 12:48 p.m. PST

French planes grounded by Windows worm

The French military, despite being warned by Microsoft that the Conficker virus might infect their computer systems, allegedly didn't take sufficient precautions. Result: grounded fighters.
(Posted in Technically Incorrect by Chris Matyszczyk)
February 8, 2009 8:42 a.m. PST

Conficker spreads as Waledec delivers mal-entine

The Conficker/Downadup worm continues spreading via a Windows hole and USB devices, while a Waledec worm tricks victims with Valentine e-mail.
(Posted in Security by Elinor Mills)
January 29, 2009 1:30 p.m. PST

Expert: Worm spreading in many ways becoming an epidemic

he worm known as Kido, aka Conficker or Downadup, evolves to spread via removable devices and other means besides just exploiting a Windows vulnerability.
(Posted in Security by Elinor Mills)
January 15, 2009 2:03 p.m. PST

Internet worm exploits Windows vulnerability

Security hole in Windows that Microsoft released patch for last month is being exploited by worm and bots, Microsoft says.
(Posted in Security by Elinor Mills)
November 26, 2008 1:39 p.m. PST

Topics:

Vulnerabilities & attacks

Tags:

Conficker,

Microsoft,

worm

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Security
Microsoft actively urges IE 6 users to upgrade
Microsoft investigating 'black screen of death'
Pub fined $13k for Wi-Fi copyright infringement
Tips for safe online shopping
Big changes in Security Starter Kit 2010
Confidential 9/11 pager messages disclosed
Microsoft warns of IE exploit code in the wild
Chrome OS security: 'Sandboxing' and auto updates
Related
Phishing, worms spike this year, say Microsoft and McAfee
Another iPhone worm, but this one is serious
Jailbreakers beware: iPhone malware evolves rapidly
Rick Astley resurrected in iPhone worm
The 404 Podcast 469: Where CBS turns our Twitter account into a sitcom
Rickrolling iPhone worm is never gonna give you up
Secure your jailbroken iPhone against worm
Why crutches may soon be relics of the past
Add a Comment (Log in or register) (32 Comments)
  • prev
  • 1
  • next
by seven7dust March 31, 2009 2:08 AM PDT
aren't people taking this conflicker worm too seriously
Hey I use a Mac so I'm not really bothered
but wats so different about this worm than the 750,000 others don't posses
can anyone spread some light on the subject !
and hasn't Windows update already fixed it ?
Reply to this comment
by ckurowic March 31, 2009 5:49 AM PDT
Windows updates never really "fix" anything, they are shoddy band-aids that are easily bypassed again. After all, thats what every version of Windows has been, another band-aid.

Yes people are taking it way too seriously. Even Windows users with a little common sense can avoid it...although if they REALLY had common sense they wouldn't be using Windows unless they were forced to anyway. Hey all is fair on CNET, I get flamed daily for liking Mac's, so this is my chance to stick it to Windows users. SMART CHOICE GUYS. NICE OS. Bug ridden POS.
by 1363nd0f1337 March 31, 2009 6:56 AM PDT
You're right, the OS is nice. I can throw as much or as little hardware in my box as I want and I still don't have to worry about this retarded worm. Seriously, any Windows user that gets infected is a moron for not using the update service. And I don't know why so many people have problems when they use Windows, it's done nothing but "just work" for me everyday, be it my laptop in class or my desktop once I finally get back to my dorm. I have a tendency to run systems into the ground and the machines I'm running now are doing absolutely fine. Never had a virus, trojan or worm. It's really not hard to avoid those things, you just have to watch where you navigate to on the internet and make sure that computers on you LAN at home are updated. It only takes a few minutes to go through the update process so I am at a loss as to why so many choose to neglect it. Oh well. And churowic, it's best to ignore those who spout BS. Yes I use Windows, but I do recognize OS X as a robust OS and anyone that says different is a troll.
by ballmerisanape March 31, 2009 7:12 AM PDT
1363nd0f1337,

There are lots of scenarios where leaving on automatic updates will cause more problems than it's worth. Many corporate IT folk build custom applications built on IE technologies.... Windows updates tend to break these....

The fault lies on people that rely solely on Microsoft products.
by 1363nd0f1337 March 31, 2009 7:40 AM PDT
I never said leave it on, I said use it. There are settings where it will notify you of downloads and allow you to choose from them. I don't let anything install on my system without me seeing it first. I don't care for some updates and others I want so I like the choice. And yeah, IE (I assume you're talking about the browser) is crud, absolute crud. I use Firefox and love every minute of it. And the fault lies on people who are neglectful. If you can't manage to screen out certain updates, have a good up-to-date enterprise firewall and some form of network security then you're asking for it. I mean, DeepFreeze and other products allow you to administer computers effectively without allowing malicious software to install or without allowing incompatible software to install. You set up shares for the employees on servers and allow them to save their stuff on the servers and then when they leave at night, you reboot the machines and DeepFreeze removes anything that isn't approved. Simple, effective management. These days any computer attached to a network is at risk for some form of intrusion or attack, so not taking measures against this is just stupid.
by gofalcons March 31, 2009 12:16 PM PDT
ckurowic, you dont get flamed daily for liking macs, you get flamed daily for making stupid comments about windows that just proves you don't have any background in i.t.. I for one know that each os, mac and windows both have their advantages and shortcomings....but your obviously biased apple comments make you sound like a brainwashed fan boy
by Lerianis3 March 31, 2009 12:19 PM PDT
Ballmerisanape, those businesses should not be using those proprietary things then. I mean, come on: a SMALL update to Windows XP or Vista breaks an application? DELETE THE APPLiCATION and DEMAND your money back!
No reason for that. I can understand something like XP SP2 or SP3 breaking ****..... not small updates. IE8 breaking stuff? That I can understand, you are basically rewriting a WHOLE PROGRAM.... though really, those 'proprietary programs' shouldn't be using IE in the friggin first place.
Write their own viewing program.... problem solved! Or, better yet: write the thing to be compatible with a STANDARDS COMPLIANT BROWSER like Safari, Firefox, etc.
by GraphicsX April 1, 2009 6:49 AM PDT
Unix based computer cannot be affected by the worm,
sadly i have windows XP.
by hellomad April 1, 2009 10:11 AM PDT
ballmerisanape
frankly? windows when updates? asks do you need this update for your computer? it asks for the DAMNED permission. same with linux, but linux users can run ./configure --help, make <params/switches>, make -k check, make install to install, their wish. i havent used anything from mac except darwin, so then they will also ask perhaps do we need additional fixes and patches and updates? its totally upto the user to select or deselect. if you cant differentiate between and apple and an orange then dont argue the glorified utter rubbish point trying to compare apples and oranges. its all right under your nose. if you cant see you are a BLIND. no wonder why people get infected inspite of repeated warnings. mac OS is nice OS, but if you dont know what to select then you are an utter idiot and probably you need to sell fish than browse online. any OS/software has got their own pros and cons. noone except a few argue about it whole life.
its like:
to kill a blue elephant use a blue handgun,
pink elephant? squeeze the trunk of a pink elephant till it turns blue and then use the blue handgun to kill it.
phew.
by brelinfernandoknowsall March 31, 2009 6:10 AM PDT
this is an april fools joke you idiot
Reply to this comment
by Efrow March 31, 2009 6:13 AM PDT
Windows users brace for Conficker's wiggle - Linux users sit back and relax.
Reply to this comment
by BogusBasin March 31, 2009 9:24 AM PDT
Me like worms. Me like MS. Mac be toy. Mac too expensive. Mac too easy. Mac too fun. Me need pain. Amen
Reply to this comment
by cobaltblue1975 March 31, 2009 11:38 AM PDT
Its times like this when I am SOOOOOOOO glad I ditched windows. On the bright side, at least it's not another "I love you" virus. Remember that pain in the arse?
Reply to this comment
by 1363nd0f1337 March 31, 2009 11:55 AM PDT
Personally, I'm still amazed that people haven't figured out that it's when they don't do software updates that they run into problems. I've had many friends whine and ***** about having viruses but when I see something that is obviously a virus show up in their email, you know the kind, the email that doesn't even have your email address in the To line and has words grossly misspelled, and yet they click on it because it has an attachment. All we can do is keep our handy facepalms ready and hope that they don't pass their stupid gene on.
by Lerianis3 March 31, 2009 12:20 PM PDT
Ditching Windows isn't going to help you very much once Linux becomes more than a 10% market. Same thing for OSX. They will start writing viruses IN BULK for those operating systems then, and as the guy from Pwn2Own said...... OSX doesn't have the best security under the sun, in fact, unlike Windows Vista.... NO HOOPS TO JUMP THROUGH! You violate Safari somehow...... you're F'ed.
by 1363nd0f1337 March 31, 2009 1:08 PM PDT
Sorry, but the term "violate Safari" made me giggle. Yeah, my mind went to a dirty place.
by cobaltblue1975 March 31, 2009 2:27 PM PDT
Lerianis, except Unix doesn't have the security holes windows does. Nothing gets done without root. No ifs ands or buts. Now if somehow someone were to be dumb enough to give up the password then things could get spicy. :) I also wonder how many of the people that write these viruses are windows uses or *nix users. I've often wondered do they write these for the sheer recognition and fame or because they hate Microsoft so much. Probably both.
by 1363nd0f1337 March 31, 2009 3:12 PM PDT
@cobaltblue1975

More often than not malicious software is written for profit. Stealing bank account information and passwords to said accounts can be a lucrative business.
by hellomad April 1, 2009 10:29 AM PDT
"Lerianis, except Unix doesn't have the security holes windows does. Nothing gets done without root."
oh really? is it? openbsd used to boast the ulimate secure OS in planet and finally one bug or rather intelligent developer coder proved them wrong. there is something calles as access control rights, acl and mandatory access control and many more techniques, if those are employed many more disaster can be avoided. hey we also got PAM we got shiboleth, STFG these makes the OS provided you know how to do things extremely hard to be sacrificed. now you can have a hardcore server where own2pwn wont work w/o some recon work. ans as usual there is an * somethere and under it "CONDITIONS APPLY" which no one bothers to read.
oh wait, recently in sept or oct or so? the prng i.e. pseudo random number generator was found vulnerable and they exploited the 1024 bit gpg key and owned the gluck debian repo IIRC? so how you define that?
and own2pwn? mmmmmm, i am sure those computers are by those who havent tuned it much. then by now, if we follow the practice employed in the own2pwn all the computers in this universe will be owned. and thats so saddddddddddd, because i didnt my friday laundry.
BS. each computer is each's responsibility. moment i got the news info gpg 1024 g key is vulnerable? debian sent out a massive notification making a compulsory upgrade/patch/fix STFG for it. and then they made it mandatory change in the key bit from 1024g to 2048 bit or higher. so? now how does this makes unices/linux OS safe? and mac had its ipv6 vulnerabilty where by the mac users were ask to disable ipv6 service update the patch and then play around? each system got its pros and cons and secondly?security vulnerabilty is an important thing, if not disclosed? you could be well exploited w/o any prior knowledge. and windows? i guess everyone speaks how many times their codes need reordering? so when the whole planet is tilted by 23 and a 1/2 degree? how you expect any OS be it windows, unix, linux, bsd, beos, mac os to be perfectly fault free. and if it happens? then that day machine will replace human being as we are useless anyway. duhhhhhhhhhh!
now how you address this crisis? heh!
by aintnorainbowdorothy March 31, 2009 1:17 PM PDT
I don't use automatic download, instead having a notice that downloads are available. Automatic download is for people who are frankly too lazy to make sure fo the proper download. That's how people get a virus like Confiker and all variants of it. These are also the people who use no anti-virus. I use IE8, turn off unnecessary programs and have no problems. I use the accellarators available to make the OS run as fast as any other. Yes Firefox is an excellent OS as is Safari (there's a Macbook in the family of computers at my house). However, I've found IE to be more han sufficient. If a person uses common sense ( an oxymoron), then IE, in whatever iteration, is perfectly suitable.
Reply to this comment
by JayWes March 31, 2009 2:09 PM PDT
Yes Microsoft Computers are more commonly targeted by Worms. Way back in 1970 when a PDP-10 crashed; I was told by an ace programer no operating system could be 100% checked for every possible thing, and if it was so checked out, it would have been long time obsolete. What was true then is true now.

There are so many computers running microsoft windows that they are a nice target. There are millions of teenagers and other malcontents with nothing to do but play fun and games with computer systems.

Add a feature to do something useful to an operating system, somebody will find an unintended function.

Way back in 1960 in a laboratory, long before personel computers, there was a very dangerous machine that was made safe with numerous fail-safe interlocks. The day after it was built, somebody testing a piece of equipment found a way to defeat all the interlocks. I quote this person, "If a human being built it; another human been can find a way to misuse it."

What was true in 1970, and 1960 is even more true today.
Reply to this comment
by 1363nd0f1337 March 31, 2009 3:23 PM PDT
Yep, people like breaking the things that other people create.
by hellomad April 1, 2009 10:02 AM PDT
JayWes
hats off comment. you just said in these many lines what tonnes of websites are trying to say. what more can i say. be aware. some non-dev MAC-MORON may even criticize this and will ask all to move to MAC.
if its your resources? its your headache/responsibility to fix it. since this is a PC no one is your slave to obey your orders.
seriously? i wonder why PC was made available to the HAVE NOTS. they literally ruined the entire field computation concept. well, whatever happens happens for good and every mistake is a lesson in turn, and if not all, i must learn from them and move on.
update and upgrade the recommended things. phew. i guess even a sheep will say baa if we scream so much. signing off.
by Michichael April 1, 2009 3:38 PM PDT
Should be retitled - News organizations panic about worm that was patched back in October, thus only affecting pirated copies of Windows.
Reply to this comment
by Careakith April 9, 2009 7:48 AM PDT
Even pirated copies get critical updates if they have it turned on.
by Careakith April 9, 2009 7:48 AM PDT
The sound of the conficker warning is a million bloggers typing. The sound of confickers attack is the the sound of silence.

whats the big deal yo? Its been patched since Oct and any decent av will take care of it at this point. If you get conficker its because you are DENSE.
Reply to this comment
by thinkbam April 10, 2009 1:05 PM PDT
If the Internet dies, do we die with it?

Check this article out:

bamintel.blogspot.com
Reply to this comment
by jog4444 April 13, 2009 12:11 AM PDT
The conficker changes code and form constantly. In order 2 stop it, the code needs 2 be isolated in all connections.. no internet. But we need the internet. It makes it self basically part of the system. They may have made a patch, but it changes.
Reply to this comment
by illmaticscripts April 13, 2009 9:22 AM PDT
<embed src="http://i.ehow.com/images/widget/rss.swf?feed=http%3a%2f%2fwww.ehow.com%2fWidgetRss.aspx%3fuserId%3d9052aee7-f8bd-4683-8873-fdb6b9319f8a" width="300" height="450" allowScriptAccess="always" type="application/x-shockwave-flash"/><br><a href="http://www.ehow.com/videos.html" target="_blank">How to Videos</a> & Articles: eHow.com
Reply to this comment
by Angmarr April 13, 2009 7:52 PM PDT
Not much bracing here!
Reply to this comment
by Steve_KTG April 13, 2009 9:23 PM PDT
For someone with a background in IT or has served as an administrator/moderator it takes less than five minutes to fend off the conficker worm. However, for those lacking that background I could see how it might be intimidating. I referenced concerned family members to sites like <a href="http://www.justaskgemalto.com/en/news/cyber-security-community-joins-forces-defeat-conficker-worm" rel="nofollow">This*</a> digital security one.
Reply to this comment
by AKFG91 September 19, 2009 2:47 PM PDT
well i have a theory how to stop it but theres one way to stop it is doing this open your winrar program and explore you hard drive it need to appear this recycler the only way to erase it is doing this press SHIFT+DEL and the recycler is gone

but if you want that the recycler wont appear more each time that you want to erase any document just do that SHIFT+DEL and that worm womt appear no more
Reply to this comment
(32 Comments)
  • prev
  • 1
  • next
advertisement

S.F. hacker space: Heaven for the DIY set?

The Noisebridge hacker space offers sewing and Mandarin classes, soldering workshops, Internet-controlled front door access, and a server room with no door.
• Photos: Circuits, code, community

The browser battles go on and on

roundup From Firefox to IE and from Chrome to Opera and Safari, there's no sitting still for browser makers looking to keep their products fresh and competitive.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET