The latest threat to computer users is an infectious worm called Conficker, which was expected to hit on April 1st. But don’t relax yet—now techies are saying it’s merely evolving, becoming harder to find and harder to fight, while quietly awaiting instructions.
Tens of millions of computers are thought to be infected worldwide. It can spread very quickly on a local area network by taking advantage of a (now-patched) flaw in Microsoft Windows. The hardest hit areas are also those with the most pirated, and therefore unpatched, versions of Microsoft software–Â Asia, Eastern Europe, and South America. Could it be a ploy by Microsoft to stamp out pirating?
Machines can be infected with the speed of an Internet connection or by hiding on USB memory sticks carrying data from one computer to another. The worm also has the ability to communicate using peer-to-peer (p2p) protocol. That’s right, Conficker is file-sharing. With p2p, the worm can distribute software updates much faster than if every infected machine had to communicate with a main server.
Right now, it contacts 500 Web sites from a randomly generated list of 50,000 sites every day, until it receives instructions, which could be a simple software update or the order to commit theft or attack other computer networks.
Microsoft has modified its free Malicious Software Removal Tool to detect and remove Conficker. Security firms, including Trend Micro, Symantec and F-Secure, provide Conficker removal services at their websites too. Even The US Department of Homeland Security (DHS) is getting involved, creating a tool to detect infection and recommending that Windows users apply Microsoft security patch MS08-067 to help protect against the worm.
The tell-tale sign that a computer is infected is if your efforts to connect a website providing online virus removal tools are blocked.
Tags: Internet Speed