Beware of the April 1st Virus! Conficker

April 1st Virus – A new virus called Conficker is the latest being investigated by security experts, set to damage millions of computers on April Fools Day. The April 1st virus or April Fool’s Virus is already thought to have infected up to 10 million computers.

April 1st Virus

A group of people called the Conficker Cabal have rounded to hunt down the author responsible of the April 1st virus.

“We love catching bad guys,” said Alvin Estevez, CEO of Enigma Software Group, which is one of many companies trying to crack Conficker. “We’re like former hackers who like to catch other hackers. To us, we get almost a feather in our cap to be able to knock out that worm. We slap each other five when we’re killing those infections.”

The April 1st virus is preparing the work to on this date gain control of all infected computers, much like zombies. This could cause web site attacks, use of your Pc for other purposes and collection of personal information via keyloggers.

“The best minds in the industry are working on this to protect customers,” he said. “We’re trying to reduce the impact of the April 1 date as best we can. But we know … this malware will continue to evolve.”

Wow, to be safe avoid downloading software from dubious sources and don’t accept strange invitations on IM or email.

Those were the news on the April 1st virus.

Technorati Tags: , , , , ,

AddThis Social Bookmark Button

This entry was posted on Wednesday, March 25th, 2009 at 11:17 am and is filed under World News. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

9 Responses to “Beware of the April 1st Virus! Conficker”

  1. April 1st Virus: Conficker or Conflicker? Says:
    March 30th, 2009 at 11:05 am

    [...] 1st virus - We’ve posted before about the April 1st virus, and it seems that the date is just around the corner. Many people are searching for the name of [...]


  2. Nichole Says:
    March 30th, 2009 at 6:33 pm

    This is horrible. I bought a brand new computer 2 months ago, and now this bull arrives. I hope they catch the creator of the virus, I hope he gets jail time for just messing with people like this.


  3. FileSponge Says:
    March 31st, 2009 at 5:08 am

    Another load of sillyness. If people had been trained a little before using a PC, this woudn’t be such an issue.
    You don’t give somebody a car who cannot drive yet.

    If a PC is so open to attack, it won’t do anything amazingly bad, so a few people lose an odd email or two - if the anti-hackers know their code. How hard can it be ?
    Nobody yet has even made it clear what it will do as they don’t have the training to decode it.

    1) force your PC to think it’s April 1st - see the effects, and you know what you are working on. If it checks dates over Internet, trick a server into knowing the wrong date too.

    2) no PC software is invisible - it’s a routine running on an open system. How hard do the experts find it to see hidden processes ? that makes me laugh.

    3) If you have it, then it’s trapped, and that makes it sooo easy to strip down & reverse engineer. It’s like finding a rat in a maze, but the rats actually ‘dead’ :)

    To be honest, i blame modern teaching - to me, ripping code apart is like reading a book in a foreign language. You just have to read slower but it’s all there.

    Good thing machine language ain’t in specific languages. I’d never be able to decode in japanese ;)

    lol


  4. phayze Says:
    March 31st, 2009 at 12:29 pm

    I bet it’s because you can’t kill someone with a PC, ya?

    There is no ‘decoding’ of code. Assembly code is clearly readable. How do you think they know there’s a hook for April 1st? (PS this hook only exists in the minority version C. Most machines are infected with the B variant, which messes with a lot of system services, and is able to update itself etc.)

    There is no way to know what will happen! no way at all..

    The infected machines have open sockets which receive instructions, that’s it!

    The virus does not check the local date of the machine it is running on. Rather, the man in control may elect to fire whatever instructions at the drones he’d like on April 1st. Ergo, there is no way to know what will happen. It is not a matter of not having the required training, or “knowing your code”

    The “Experts” most certainly did obtain a handle to this running process bro.. Again, how do you think they’ve been able to determine all the services it kills, and the fact that it’s using a known windows exploit? It’s not magic!

    The assembly has been analyzed, they know what it does… I love your rat analogy lol.. But it’s not unfortunately like that for the “anti-hackers” as you put it. It’s more like observing a maze full of millions of rats being controlled from an unknown location, and trying to figure out 1) where is this unknown location (probably hundreds of proxy hops around the world, hard to find) and 2) Who is this clown..

    What the “anti-hackers” do, is monitor ethernet traffic to/from the socket being used by the malware. This gives them a server that the program is talking to. They need to physically contact the server in most cases, determine where the IP lease is obtained, and/or where it was being routed for. Rince and repeat for each proxy server the hacker(s) used, which is probably a dynamic list of proxies(always changing). They won’t catch this guy…..


  5. Someone Says:
    March 31st, 2009 at 3:01 pm

    If this was “another load of sillyness” why would they bother putting it on the news?


  6. Yvette Says:
    March 31st, 2009 at 4:47 pm

    FileSponge…. If I force my computer into thinking it’s April 1st, then I’ve just defeated the purpose of not getting the virus…. that makes no sense whatsoever.

    And having a computer doesn’t kill people like driving a car, so that bad analogy doesn’t work in this instance either.

    Why not just reinstall your original software and use a back up of your files (I have back ups done on a regular basis). Then there’s no need to reverse engineer any computer language.

    You have time to go chasing a rat in your maze but I’ll just kill mine.

    lol


  7. Mark Says:
    April 2nd, 2009 at 5:09 am

    Well , viruses and the like only affect Windows Operating Systems because of how badly they are written. That is not to say it is OK for these groups to create the viruses , but if Microsoft managed to develop a SECURE Operating System like Linux , then there would not be any problems!
    I tell this to everyone I know - if you want to play games then buy a console , if you want to surf the web , do office work , graphics , music or video , then use Linux.


  8. Conficker Eyechart Says:
    April 13th, 2009 at 8:36 am

    [...] the Conficker or April 1st Virus? According to some security experts this virus entered many computers and was set out to crash the [...]


  9. Person Says:
    April 22nd, 2009 at 1:07 pm

    actually microsoft isnt all that badly written, it just needs Win32.exe files to run most of its stuff, the reason why linux is so “secure” is because it doesnt run Win32 files, which most viruses are made of, which is why mac doesnt get very many viruses either. Conficker is mainly a win32.exe program (i think, i might be wrong)


Leave a Reply