|
Lions and Tigers and Conficker, OH MY! |
 |
 |
 |
|
Written by computerguy
|
|
Wednesday, 01 April 2009 00:00 |
The Conficker worm has really been making the news the last couple days. At times it's been coined as the server-melting, internet crashing worm of all times... To be unleashed on of all days, April 1, 2009. What's happened so far? Exactly what the reverse engineering of the code of the worm has said it would do... not a lot.
You see, the reverse engineering of the worm's code revealed that the infection (specifically Conficker.C, the third variant of the worm) would change the way it communicates with it's "handlers" and other computers infected with Conficker.C. That's about it.
Has it been "phoning home"? Has it been looking for its new instructions? Does it have potentially drastic dramatic effects? Could Conficker do something unprecidented in the future? Potentially, Yes.
Keep in mind, to the best of anyone's knowledge, Conficker is NOT going to infect a bunch of computers today. The April 1 trigger is to change the way the infection communicates. One easy way to check if you MIGHT be infected by malware such as Conficker is to try to browse to any of the 'big name' antivirus company's websites; http://www.eset.com; http://www.symantec.com; http://www.mcafee.com. If you get redirected somewhere else, or you can't get to those sites, you quite possibly could be infected with malware, but it stands a pretty good chance that it's NOT necessarily Conficker. Lots of OTHER malware infections can cause this as well.
We have to be careful that we remain able to see the forest for the trees. Conficker is dangerous... there's no doubt, yet it is one of THOUSANDS of different infections infecting computers daily. There are many malware infections that are "in the wild" that have similar symptoms to Conficker, that may very well be doing much more damage to your computer and YOU. What we need to be implementing is an overall security "policy" for our computer systems and networks to protect against ALL infections... not just focus on Conficker.
According to Randy Abrams from Eset, over the last 36 hours or so, 80% of the top threats encountered have had nothing to do with Conficker, but they DID have EVERYTHING to do with password stealing, installing using autorun, and stealing of personal data. And yet, 99% of the talk is about Conficker. http://www.eset.com/threat-center/blog/?p=912
So, what's this all mean to me, you ask? What it means is that there are some relatively simple, yet very important things that you can and should do to protect yourself from ALL infections... not just Conficker.
-Make sure your Windows operating system is patched and updated. Set your computer to automatically update. You can verify you have the latest updates manually by visiting http://windowsupdate.microsoft.com
-Disable autorun on your computer
-Install and keep updated your Antivirus software
-Use strong passwords
-Use common sense about downloading software and sharing files over/from the internet. If it sounds too good to be true, it probably is.
Happy Computing!
Dusty
|
|
Last Updated on Sunday, 28 June 2009 22:35 |