LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - News
User Name
Password
Linux - News This forum is for original Linux News. If you'd like to write content for LQ, feel free to contact us.
All threads in the forum need to be approved before they will appear.

Notices


Reply
  Search this Thread
Old 03-21-2009, 11:57 AM   #1
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Conficker will activate on April Fools


Quote:
"John Markoff has a story at the NY Times speculating about what will happen on April 1 when the Conficker worm is scheduled to activate. Already on an estimated 12 million machines, conjectures about Conficker's purpose ranges from the benign an April Fool's Day prank to far darker notions. Some say the program will be used in the 'rent-a-computer-crook' business, something that has been tried previously by the computer underground. 'The most intriguing clue about the purpose of Conficker lies in the intricate design of the peer-to-peer logic of the latest version of the program, which security researchers are still trying to completely decode,' writes Markoff. According to a paper by researchers at SRI International, in the Conficker C version of the program, infected computers can act both as clients and servers and share files in both directions. With these capabilities, Conficker's authors could be planning to create a scheme like Freenet, the peer-to-peer system that was intended to make Internet censorship of documents impossible. On a darker note, Stefan Savage, a computer scientist at the University of California at San Diego, has suggested the possibility of a 'Dark Google.' 'What if Conficker is intended to give the computer underworld the ability to search for data on all the infected computers around the globe and then sell the answers,' writes Markoff. 'That would be a dragnet and a genuine horror story.'"
http://tech.slashdot.org/article.pl?...8248&art_pos=1

Detailed analysis of the worm:
http://mtc.sri.com/Conficker/addendumC/

I wonder what it will do ... an April Fools joke where the joke is on you ?
 
Old 03-21-2009, 03:35 PM   #2
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,809
Blog Entries: 58

Rep: Reputation: Disabled
Mmm, fascinating. Clever buggers, whoever created it.
 
Old 03-21-2009, 05:03 PM   #3
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Very clever indeed ... perhaps too clever. I dunno about you, but I can't wait to find out what happens
 
Old 03-21-2009, 05:35 PM   #4
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,809
Blog Entries: 58

Rep: Reputation: Disabled
Yeah. Bring it on!!! I like this bit from that detailed analysis:
Quote:
Perhaps in the best case, Conficker may be used as a sustained and profitable platform for massive Internet fraud and theft. In the worst case, Conficker could be turned into a powerful offensive weapon for performing concerted information warfare attacks that could disrupt not just countries, but the Internet itself.
Sounds like the shit's really going to hit the fan.
 
Old 03-22-2009, 10:37 AM   #5
DragonSlayer48DX
Registered User
 
Registered: Dec 2006
Posts: 1,454
Blog Entries: 1

Rep: Reputation: 74
Internet Storm Center

For those who are dual-booting, whose 'other side' may be compromised, you can go here for continuous updates on removal tools and instructions, as well as other information on this threat from various sources.

Cheers

Last edited by DragonSlayer48DX; 03-24-2009 at 11:41 AM.
 
Old 03-30-2009, 10:50 AM   #6
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
More interesting info on this worm:

http://it.slashdot.org/article.pl?sid=09/03/30/090224

Quote:
Conficker actually changes what Windows looks like on the network, and this change can be detected remotely, anonymously, and very, very quickly. You can literally ask a server if it's infected with Conficker, and it will give you an honest answer
 
Old 03-31-2009, 08:56 PM   #7
dv502
Member
 
Registered: Sep 2006
Location: USA - NYC
Distribution: Whatever icon you see!
Posts: 642

Rep: Reputation: 57
No worry here, 100% linux only except for the other two computers my family uses which is XP and vista.

I have a gut feeling this is a prank. Hence, the launch day April fools.

Last edited by dv502; 03-31-2009 at 09:01 PM.
 
Old 04-01-2009, 04:21 AM   #8
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,809
Blog Entries: 58

Rep: Reputation: Disabled
I don't think anybody would put so much effort into a prank.
 
Old 04-01-2009, 05:27 AM   #9
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Looks like the worm activated and caused widespread havoc on computer systems worldwide ... it's back to the dark ages I guess.
 
Old 04-01-2009, 05:51 AM   #10
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.2
Posts: 7,809
Blog Entries: 58

Rep: Reputation: Disabled
Whooopeeee!!! The End Of Civilisation (if you could call it that) is here!! Let's Paaaaaaaaaaaaaaaaaaarty!!!
 
Old 04-01-2009, 09:20 AM   #11
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Quote:
Originally Posted by H_TeXMeX_H View Post
Looks like the worm activated and caused widespread havoc on computer systems worldwide ... it's back to the dark ages I guess.
Here's the /. story about it:
http://tech.slashdot.org/article.pl?.../04/01/1330201
 
Old 04-09-2009, 10:54 AM   #12
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
It may actually be doing something now:
http://it.slashdot.org/article.pl?sid=09/04/09/1213204
 
Old 04-09-2009, 05:16 PM   #13
DragonSlayer48DX
Registered User
 
Registered: Dec 2006
Posts: 1,454
Blog Entries: 1

Rep: Reputation: 74
Quote:
Originally Posted by H_TeXMeX_H View Post
It may actually be doing something now:
http://it.slashdot.org/article.pl?sid=09/04/09/1213204
Also found this on PC World.

Quote:
Conficker Worm Reveals Its Business Model

The makers of Conficker, the worm that has infected millions of PCs, have begun to do what all botnet owners do -- make money -- security researchers said Thursday as they started analyzing the malware's newest variant.
 
Old 05-01-2009, 06:26 AM   #14
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928

Original Poster
Blog Entries: 2

Rep: Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291Reputation: 1291
Hospital Equipment Infected With Conficker

http://it.slashdot.org/article.pl?sid=09/04/30/2127211

Quote:
It's not clear how the devices (including heart monitors, MRI machines and PCs) got infected. Infected computers were running Windows NT and Windows 2000 in a local area network (LAN) that wasn't supposed to be Internet accessible, but the LAN was connected to one with direct Internet access. A patch was released by Microsoft last October that fixes the problem, but the computers infected were reportedly too old to be patched."
This makes me wonder how many deaths have been attributed to such causes ... M$, viruses, malware, etc.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Catching the Conficker Feckers LXer Syndicated Linux News 0 02-15-2009 07:30 AM
I can't activate (i'mean activate) my wireless card Mardrus Linux - Newbie 5 05-04-2008 06:35 AM
LXer: April Fools' Day Selection LXer Syndicated Linux News 0 04-01-2007 06:46 PM
LXer: List of the April Fools Jokes for 2006 LXer Syndicated Linux News 0 04-02-2006 03:21 AM
SuSE 8.2 is out in April Phonics3k Linux - Software 0 03-21-2003 05:58 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - News

All times are GMT -5. The time now is 10:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration