In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.

Thanks in part to a quarter-million-dollar bounty on the head of the writer of the worm, offered by Microsoft, security researchers are aggressively digging into the worm's code as they attempt to engineer a cure or find the writer before the deadline. What's known so far is that on April 1, all infected computers will come under the control of a master machine located somewhere across the web, at which point anything's possible. Will the zombie machines become denial of service attack pawns, steal personal information, wipe hard drives, or simply manifest more traditional malware pop-ups and extortion-like come-ons designed to sell you phony security software? No one knows.

Conficker is clever in the way it hides its tracks because it uses an enormous number of URLs to communicate with HQ. The first version of Conficker used just 250 addresses each day -- which security researchers and ICANN simply bought and/or disabled -- but Conficker C will up the ante to 50,000 addresses a day when it goes active, a number which simply can't be tracked and disabled by hand.

At this point, you should be extra vigilant about protecting your PC: Patch Windows completely through Windows Update and update your anti-malware software as well. Make sure your antivirus software is actually running too, as Conficker may have disabled it.

Microsoft also offers a free online safety scan here (http://onecare.live.com/site/en-us/default.htm), which should be able to detect all Conficker versions.
http://tech.yahoo.com/blogs/null/128643/beware-conficker-worm-come-april-1/


seems a bit much for april 1st though

I've heard of this thing. Any way to tell if you have it?

Advanced heuristics I tell ya. It may register some false positives but it is better safe than sorry. In 04 (I think, maybe 03) I was attacked relentlessly on my server and managed to fend off an attack. I forget the damn name of the DoS malware but the corporate world was at a struggle. I just clamped down on my ZA, made certain my router had it's basic firewall up to date with everything checked yes, and limited my exposure. None of my 4 computers caught anything but my Win 2000 machine had accidentally deleted an important file due to heuristics which was later recovered.

Just be extra cautious.

I will refrain from pointing out that I am typing this on a Mac. Oh, wait, no I won't.

Anyway: I think this points out a real issue that all Windows users -- and, really, all Linux and even Mac users -- need to keep in mind: update your shit. Microsoft, Apple, and whatever loose band of misfits works on Linux (I kid, I kid) put updates out for a reason. Often, it's because a security hole has been found.

And the most dangerous times for those security holes isn't before the patch is released -- it's after. You see, for the most part, the douches who write viruses aren't really all that good at it. So they find out what holes there are in the various OS's the same way the rest of us do: by looking at the patches, seeing what got fixed, and figuring out how to exploit that.

So I say it again: update your shit. All OS's have updating capabilities, which can be turned on automatically. Turn that shit on.

The worm virus hit my company a few weeks ago. We basically lost a day and a half of work. I hope they're ready.

My company sent an email out on this already and are doing patches constantly