Fears of a Conficker Meltdown Greatly Exaggerated

Worries that the notorious Conficker worm will somehow rise up and devastate the Internet on April 1 are misplaced, security experts said Friday.

April 1 is the day that the worm is set to change the way it updates itself, moving to a system that is much harder to combat, but most security experts say that this will have little effect on most computer users' lives.

April 1 is what Conficker researchers are calling a trigger date, when the worm will switch the way it looks for software updates. The worm has already had several such trigger dates, including Jan. 1, none of which had any direct impact on IT operations, according to Phil Porras, a program director with SRI International who has studied the worm.

"Technically, we will see a new capability, but it complements a capability that already exists," Porras said. Conficker is currently using peer-to-peer file sharing to download updates, he added.

Gradually, the Conficker network will get updated, but this will take time, and nothing dramatic is expected to happen on April 1, according to Porras, Howard, and researchers at Secureworks and Panda Security.

"There is no clear evidence that the Conficker botnet will do anything dramatic," said Andre DiMino, cofounder of The Shadowserver Foundation, a volunteer security group. "It will change its domain usage to the larger pool and may attempt to drop another variant, but so far, that's about it."

Read full story.

Well darn, I was expecting it to do something dramatic, it looks like it will disappoint

Quote:

Originally Posted by H_TeXMeX_H Well darn, I was expecting it to do something dramatic, it looks like it will disappoint

I fear your day is coming, H- it's just a matter of when. What the experts don't know is what the authors are planning for this thing. Keep in mind, it may only take one 'update' to pass the instruction to wreak havoc, but they would need to select a later date to ensure all their bots are armed and ready. I think they may just be toying with the experts... at least for now.

Let's all keep our fingers crossed that it will lead to the end of civilisation as we know it.

lol, I dunno, you think it's possible ? How much damage could it cause ? It certainly looks like the creators are "evil geniuses" in a way. The way it works is truly something awesome, it's almost like the perfect worm.

Quote:

Originally Posted by H_TeXMeX_H It certainly looks like the creators are "evil geniuses" in a way. The way it works is truly something awesome, it's almost like the perfect worm.

Exactly.

All I can say is that I recall a few years ago when a 15 minute DDoS attack, generated by only a few thousand bots, booted Yahoo and affiliates offline for over 6 hours...

When you think of how much we have come to depend on computers...
Whoever created that Conficker botnet/worm went to a great deal of trouble, so they must intend to use it for something big. I think all those experts are indulging in wishful thinking, they haven't any more idea about it than we have.

Quote:

Originally Posted by brianL When you think of how much we have come to depend on computers... Whoever created that Conficker botnet/worm went to a great deal of trouble, so they must intend to use it for something big. I think all those experts are indulging in wishful thinking, they haven't any more idea about it than we have.

Well, they have decoded it, so they do know a little more than us.

But as far as what it will do, you are right. It's not in the code; it will have to come as an update. And to date, the botnet is over 10 million strong...

Just found this:
http://www.theregister.co.uk/2009/03...ent_infection/