Conficker Worm Prepares For A New Release On April 1

March 27, 2009 by John Messina weblog

(PhysOrg.com) -- The Conficker worm created havoc last year when it infected over 10 million computers on a global scale. The unique design of the Conficker worm allowed for this large-scale attack on over 8 million business computers and scores of individual computers in 2008.

The Conficker worm evolves periodically by downloading updates that create thousands of false domains daily to throw off security investigators. On the day it chooses to update, it selects 500 correct domains out of the 50,000 candidates to download malware and updates from.

In its first release, the worm tried to download and execute a file called loadav.exe. It turned out that the file was never uploaded, and the next generation did away with this. This led investigators to believe it was a malware program trying to promote itself as fake antivirus software.

In the second release, the worm used Windows Services on unpatched machines to spread. This release could also spread over network shares by trying to log in autonomously to network machines with weak passwords. It also developed the ability to infect USB sticks connected to infected machines, giving it another means of transmission.

In the third and final release, which became known as the Downadup virus, peer-to-peer communication between infected systems was added to its arsenal of weapons. The virus also added new domain-generation algorithms to help it disguise where it was receiving its updates from.
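The daily candidate list and the domain-generation algorithms described above also give defenders a detection handle: once a generator is known, the same day's list can be precomputed and matched against DNS logs. The sketch below is an added example, not code from the article and not Conficker's real algorithm; the stand-in generator, the log format, the client addresses and the three-hit threshold are all assumptions.

```python
import hashlib
from datetime import date

CANDIDATES_PER_DAY = 50_000  # candidate count reported in the article
MIN_HITS = 3                 # assumed threshold: distinct candidate names per client


def candidate_domains(day, count=CANDIDATES_PER_DAY):
    """Stand-in date-seeded generator, NOT Conficker's real algorithm.
    Names end in the reserved .example TLD so none of them can resolve."""
    names = set()
    for i in range(count):
        digest = hashlib.sha256(f"{day.isoformat()}:{i}".encode()).hexdigest()
        label = "".join(chr(ord("a") + int(c, 16)) for c in digest[:12])
        names.add(label + ".example")
    return names


def parse_line(line):
    """Parse '<timestamp> <client-ip> <qname> <qtype>' (constructed log format)."""
    _ts, client, qname, _qtype = line.split()
    return client, qname.rstrip(".").lower()


def flag_clients(log_lines, day, min_hits=MIN_HITS):
    """Return {client: distinct candidate names queried} for clients at or above min_hits."""
    candidates = candidate_domains(day)
    hits = {}
    for line in log_lines:
        client, qname = parse_line(line)
        if qname in candidates:
            hits.setdefault(client, set()).add(qname)
    return {c: len(n) for c, n in hits.items() if len(n) >= min_hits}


def constructed_log(day):
    """Constructed sample log: one host walking the day's list, two ordinary hosts."""
    picks = sorted(candidate_domains(day))[:5]
    lines = [f"{day}T08:00:0{i} 10.0.0.23 {name}. A" for i, name in enumerate(picks)]
    lines.append(f"{day}T08:01:00 10.0.0.40 www.example.com. A")
    # A single match in mixed case: normalised and counted, but below the threshold.
    lines.append(f"{day}T08:01:05 10.0.0.40 {picks[0].upper()} A")
    lines.append(f"{day}T08:02:00 10.0.0.51 mail.example.org. A")
    return lines


if __name__ == "__main__":
    april_first = date(2009, 4, 1)
    print(flag_clients(constructed_log(april_first), april_first))
```

Because the list is seeded by the date, the same log checked against the wrong day's candidates matches nothing, so the defender's clock and the generator's seed have to agree.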

Microsoft is offering a bounty for the worm's writers, and security experts are no closer to having any clue as to the individual or individuals who are writing the Conficker code.

As Conficker continues to spread and get smarter, there is little doubt it's creating an army of infected machines, one that can cause serious damage. On April 1 we will see the attacks taken to the next level. One can only guess what this next release has in store for the global Internet community.

© 2009 PhysOrg.com


columbiaman
Mar 27, 2009

Rank: not rated yet
How exactly do we know that the worm is getting an update on April 1st?
jmessina
Mar 27, 2009

Rank: 4 / 5 (1)
The latest variant of the worm, Conficker.C, is programmed to do something on April 1. What exactly it will do, no one knows.
moj85
Mar 27, 2009

Rank: 5 / 5 (1)
it will turn into SkyNet!
Mayday
Mar 27, 2009

Rank: 5 / 5 (1)
If they have determined the date, why not out-smart the clock so it reads as April 1st and see what it does?
Ant
Mar 27, 2009

Rank: 1.5 / 5 (2)
If you are not the attacker HOW DO YOU KNOW
Bob_Kob
Mar 27, 2009

Rank: 5 / 5 (1)
It's an April Fools joke.
LuckyBrandon
Mar 27, 2009

Rank: 3.7 / 5 (3)
I would tend to agree with bob kob...any legit viral entity, especially one where the developers are truly unknown persons, will NEVER have a release date for the next version of the virus.
The ONLY way I could see that happening, is if the antivirus companies themselves are developing the virus (which, btw, they DO have people on staff that do nothing but develop viruses so the code can be used to expand the AV software's viral database)....I also wouldn't doubt that is the case with that being said.


we're still about a decade away, give or take a few years, from anything even approaching the capabilities of skynet...oh except for my domain controller bearing the same name...oh and about 50 of my buddies' domain controllers as well :)
thales
Mar 27, 2009

Rank: 4 / 5 (4)
Let's see: it's powerful, it inhabits millions, it's been killed only to rise again, and its final coming is at hand.

I for one have already asked Conficker into my heart and joyously await its arrival. The rest of you are screwed.
Mercury_01
Mar 27, 2009

Rank: 5 / 5 (1)
WORM BAD!!!!!!!!!
MorituriMax
Mar 28, 2009

Rank: 4 / 5 (4)
thales, lol... you have made me also see the light.

hilarious
Sky2042
Mar 28, 2009

Rank: not rated yet
I for one have already asked Conficker into my heart and joyously await its arrival. The rest of you are screwed.


You also share your loyalties to the FSM, don't you?
Ashy
Mar 28, 2009

Rank: not rated yet
Somehow or other it will be very funny Fools day :)

"At April 1 we will announce our new great virus!" *applause* "It will be more mysterious and dangerous than previous versions!"
Modernmystic
Mar 28, 2009

Rank: 1 / 5 (1)
Let's see: it's powerful, it inhabits millions, it's been killed only to rise again, and its final coming is at hand.



I for one have already asked Conficker into my heart and joyously await its arrival. The rest of you are screwed.



Does this article have something to do with religion or is it that you can't help exercise your bigot fetish and troll like a moron on every thread you post on?
javes
Mar 28, 2009

Rank: not rated yet
Modern mystic is completely correct, except for one thing... Why just exclaim everyone else is screwed? Prosthetize!
shyataroo
Mar 28, 2009

Rank: not rated yet
And people wonder why I have a mac.
Velanarris
Mar 28, 2009

Rank: 5 / 5 (1)
And people wonder why I have a mac.

Because you bought into all of that "Mac is virus proof" crap?
Modernmystic
Mar 28, 2009

Rank: 5 / 5 (1)
And people wonder why I have a mac.


If you were a sociopathic jerk and wanted to write malicious code and really screw with a lot of people's lives would you....

a) Write said code so it will only affect 1% of the population, or...

b) Write said code so it will affect 99% of the population?

Don't break something thinking TOO hard about it...
Ant
Mar 29, 2009

Rank: 5 / 5 (1)
I too have a friend who is convinced that Macs are virus proof. I would suggest that most attackers believe Macs are so irrelevant they can't be bothered.
random
Mar 30, 2009

Rank: 4 / 5 (1)
cool, I can't wait
Velanarris
Mar 30, 2009

Rank: 2 / 5 (1)
I too have a friend who is convinced that Macs are virus proof. I would suggest that most attackers believe Macs are so irrelevant they can't be bothered.
Ask your friend why they continue to make (and sell) antivirus products for Macs if they're virus proof.
QubitTamer
Mar 30, 2009

Rank: not rated yet
You thought it was over... You thought it was forgotten... but on April 1st, 2009...







All your base are belong to us!



eeeent!
eeeent!
eeeent!
Mercury_01
Mar 31, 2009

Rank: 5 / 5 (1)
WHAT HAPPEN?!?!?


SOMEBODY SET US UP THE BOMB!!!!!
Ethelred
Mar 31, 2009

Rank: not rated yet

SOMEBODY SET US UP THE BOMB!!!!!


Terrible. You got your bad translation WRONG.

It's

"Somebody set us up the bomb."

Your way makes too much sense. Please get it right in the future.

A more appropriate choice of mistranslations would be:

You have no chance to survive make your time.

Ethelred
Mercury_01
Mar 31, 2009

Rank: not rated yet
What you say? That's actually how I talk.
Velanarris
Mar 31, 2009

Rank: not rated yet
What you say? That's actually how I talk.

Not surprising.

FYI: if you've run windows update since July 08 you're all set.
Mercury_01
Apr 01, 2009

Rank: not rated yet
What you say? That's actually how I talk.


Not surprising.





FYI: if you've run windows update since July 08 you're all set.




I think you may have missed the joke, V. Here: you're about 10 years late, but I'm sure it's still funny.

http://www.youtub...ugh-fFgg
Velanarris
Apr 01, 2009

Rank: not rated yet
I think you may have missed the joke, V. Here: you're about 10 years late, but I'm sure it's still funny.

http://www.youtub...ugh-fFgg

I think you missed the joke. I'm familiar with the poorly translated Japanese game, and the resulting internet All Your Base fad.
Mercury_01
Apr 01, 2009

Rank: not rated yet
Oh, well then...

WORM BAD!!!!
x646d63
Apr 04, 2009

Rank: not rated yet
No conspirators amongst us? I'm convinced the CIA or Mossad is responsible for Conficker. It's an eavesdropping tool. It was originally designed to penetrate large networks (corporations), not necessarily individual home computers. I think Microsoft and other vendors have traced it to its origins, but what can they do about it if it's CIA?
smokabowl420
Apr 04, 2009

Rank: not rated yet
As crazy as it may sound, SkyNet is actually the right answer. My brother works for Sony Entertainment, and told me the conficker virus is really just a very advanced form of viral marketing for the new Terminator:Salvation movie.

Just wait, you'll see.
bmcghie
Apr 05, 2009

Rank: 5 / 5 (1)
Well, I dunno what the virus did for the movie. I was going to see it just to see if ANYONE could equal good ol' Arnold as the Terminator.
LuckyBrandon
Apr 18, 2009

Rank: not rated yet
Ant-I could write something in about 10 minutes to kill a MAC or a PC. It's ANY computer system, that can even include metal presses and metal manufacturing plants...if a virus is written to understand the code and destroy from there, it WILL do its job. MACs are a POS unless you're doing multimedia related things...the end.

x646...-there is DoD code written into every operating system developed in the US. If a government entity were responsible, trust me, we would NEVER know the worm was ever even there. This isn't any government thing...they are pricks, and they steal our rights daily, BUT, this is the government's doing. The last I heard, this was suspected to come from Eastern Europe.

smokabowl420-1. love the name, can I join :D 2. When the hell is that coming out I wanna see it :D
Velanarris
Apr 19, 2009

Rank: 4 / 5 (1)
There is no DoD code written into Operating Systems. None whatsoever. This isn't really refutable either, so I'd like to know where you heard this that you'd take it as gospel.

Big Brother was watching, but he changed the channel because we're all boring, and he really doesn't care.
LuckyBrandon
Apr 19, 2009

Rank: not rated yet
I would rather not get into that, but let's just say that my prior and current professional experience has put me in a position to know a lot of insider information about a lot of products....with my background being in areas ranging from systems engineering to infrastructure architecture to development....
But let's forget I said anything about it in hindsight...I need to stop my drinking binge.... :|
I should have phrased it differently though, to reflect more of a backdoor, not specific code.
LuckyBrandon
Apr 19, 2009

Rank: 5 / 5 (1)
Oh and if big brother doesn't care, then why are there federal agents stationed at cell phone companies to this day...those bastards are even scanning our cell phone calls....I'm pretty sure that's public knowledge now....
Velanarris
Apr 20, 2009

Rank: 5 / 5 (1)
Are you referring to the CID chip embedded on all motherboards allowing physical polling reads, that's hardly a backdoor, it's an info tagger so if you generate something, an email, a photoshop picture, a web page, the machine that created the content can be identified but only if you have the content, and the machine, in hand. You're not the only IT engineer here.



And as for agents at the cell phone companies, welcome to the 40's. The FCC regulates all radiowaves, including cellular, 3g, EVDO, and all the other nifty portable comm techs. They're antipiracy, as well as oversight.

Just because the NSA can record your conversation, and listen to it, doesn't mean they care about your conversations. You're too boring for Big Brother to care about. Seeing as you're on a free-range, searchable forum, you should probably also know that they can track every purchase you make with credit cards, all your usernames and passwords, what you have in your grocery cart at the checkout line, etc, etc. And since you've raised a slight "anti-governmental" statement in the past, you'd expect that they're watching you right now as you eat your English muffin and contemplate heading down to the basement for a jerk before work, but, they don't care.
LuckyBrandon
Apr 23, 2009

Rank: not rated yet
And as for agents at the cell phone companies, welcome to the 40's. The FCC regulates all radiowaves, including cellular, 3g, EVDO, and all the other nifty portable comm techs. They're antipiracy, as well as oversight.

There is secret service of all things at cell phone companies...I know an agent assigned to one who is basically family to me....and he/she (won't say) has been there for a few years now.


Oh and no, not speaking to the chip...

And I do agree, I myself, along with every last one of us in here is too boring to review, but that doesn't change the fact they ARE violating our right to privacy unconstitutionally.
LuckyBrandon
Apr 24, 2009

Rank: not rated yet
I need to revamp my comment above...I spoke with my friend, and he/she basically said that they were "encouraged" to leave their agent position in lieu of a position at a cell phone company where she would be interfacing with the government branches involved ..so NOT still secret service, but that's where he/she was when he/she was "encouraged"....he/she took a generous pay raise too...
Velanarris
Apr 26, 2009

Rank: not rated yet
Like I've said before, information is the new currency of international relations, so businesses will pay top dollar for the best security they can get.



Who better than secret service and the various militaries?