Digital Doomsday coming April 1st?

by Mike
Posted March 29th, 2009 at 9:43 am


*Updated April 1st…apparently I spelled “Conficker” “CoRnficker”…ugh…just caught it*

If you can remember all the way back into the depths of your mind to a time called Y2K, you will know how much pandemonium a computer-generated apocalyptic event can cause. Y2K cost many individuals large sums of money as they stockpiled food and supplies for a digital end times, only to awake to life as normal on January 1st, 2000, to much relief (and some anger, as they had squandered so much money for nothing). It seems as if the world is in for another digital apocalypse, as a new breed of internet threat has been quickly and viciously making its way around the internet. If you haven’t heard, there is a pretty nasty worm floating around the interwebs that goes by the name of “Conficker” or Downadup. At first you may ask yourself: what is a Conficker, and how did it get that name? Come inside and get better acquainted with the new “digital doomsday”.

First, a brief history of this worm, which at one point was seemingly harmless and has now become a potential digital disaster.

Conficker started its life as a rather harmless and useless virus. When released, Conficker was only meant to attack machines whose owners didn’t keep up on virus updates, as updates at the time could take care of Conficker. However, the creators behind Conficker evolved their worm with version B by adding peer-2-peer functionality, disabling computers’ firewalls, and adding the ability to run a variable list of commands and control systems from a list of domains. The creators didn’t stop there, and version C was released to add even more menacing muscle to the virus, including enhanced peer-2-peer networking (with digital signing). Clearly the creators know what they are doing. But why exactly?

Conficker, whose name is a mixture of English and German, is a nasty little worm that turns infected machines into “bots” or slave computers. So far, all that’s known is that on April 1st, all of the computers infected with Conficker will contact a “home computer” to receive new instructions. Up until this point infected machines have more or less just been gatherers, gathering information on whoever uses the infected machines. But on April 1st that is all going to change. The machines will switch sides and go on the offensive, potentially wreaking havoc. So just how bad is Conficker? Bad enough for Microsoft to offer a $250,000 bounty to individuals who give information leading to the arrest and prosecution of those involved with Conficker. Microsoft has already released a patch to combat the Conficker virus; however, the people behind the virus are constantly issuing updates to it, making previous patches and attempts to protect against it null and void. Any patched computer can become infected again by another infected computer. For example, Conficker now requires signed packages, meaning the creators behind Conficker, and only those creators, can modify the worm. Windows updates get deactivated, and anti-virus software gets neutered by this meticulous virus. So how many computers exactly are infected?

The list of infected computers is staggering. According to CNN:

Mikko Hypponen, the chief research officer at anti-virus firm F-Secure says the true scope of the virus is not known, but in the past 24 hours his company monitored Conficker signals from two million Internet protocol addresses….

“That’s a lot”, “And one IP address here does not mean one infected computer, it means at least one infected computer.

“Many of those IP addresses are obviously company proxies or firewalls, hiding hundreds of more infections behind it. Unfortunately this also makes it impossible to estimate the total count of infected systems.”

As you can see, this is a very real and very big problem…potentially. No one really knows the true motivations or goals of the Conficker coders. On one hand, if they are seeking to sell off infected machines and new updates of the virus to hackers and other people who want to sell information, they obviously won’t want to destroy the internet as many have suspected. Destroy the internet? How? By bombarding websites and overloading servers, they can take down large swaths of the internet. Not to mention, with millions of “slave computers”, the Conficker coders have access to a large computer base with which to simply brute force their way into any password-protected site that they want. A very scary reality that poses the question: just how safe is the internet? Other fears are that a Dark Google could be created. (The machines, which have so far worked as gatherers, could use the information they’ve already accumulated, and future accumulations, to find out information about anyone anywhere!)

The reach of this virus poses potentially massive dangers to the world in which we live. But, at the same time, step back and look at what Y2K was…a big hoax. One has to wonder, with the date the Conficker creators chose…April 1st…if this is merely a big joke to get their 5 minutes of fame. We don’t want to overreact and create the chaos Y2K caused, yet at the same time we have to be prepared and value Conficker at its potential worst. Of course, you can use a foolproof method that will protect you on April 1st…unplug your computer. Problem solved. Though once plugged back in, it very well could call out to get more instructions. Linux and Mac users also appear to be safe from Conficker…for now. The creators could always update the virus, adding an even higher level of threat.

What is your take on Conficker? Digital Doomsday? Or greatest internet farce ever?

Source: CNN, Tech Podcasts
