Although Microsoft Conficker/Downadup infections were not a major threat a couple months ago, sources ranging from Brink to The New York Times (Computer Experts Unite to Hunt Worm) say that on April 1, 2009, the worm will be programmed to run a mystery doomsday attack.
For those unfamiliar with the threat, it has been considered the biggest botnet ever. According to Microsoft’s Malware Protection Center, on March 4, 2009, a peer-to-peer (P2P) mechanism has been added to the latest iteration of the worm — making this the fourth evolution (Conficker A/B/C and now D) since October of 2008.
No one knows exactly what the worm will do on April Fool’s Day, as much Conficker disaster speculation abounds. While some guess it will bring down the Internet, such a feat would run contrary to the very nature of botnets. A network of viral computers usually send out spam — swindling victims out of money. If the Internet were down, whoever started the threat wouldn’t make money. However, using the zombie computers to ping a site at the same time to create a denial of service (DoS) attack would be much more likely. This would enable the creator to steal confidential corporate data (Source: ABC news “Conficker Computer Worm Threatens Chaos“).
The good news is that if you haven’t been infected by Conficker already, there’s a pretty good chance you won’t. Computers on your network that have legal licenses of Windows and up-to-date anti-virus software won’t be subjected to the threat (Conficker, Downadup worm hype?). Take SearchSecurity.com contributor Eric Ogdren’s Microsoft Conficker worm offers attack prevention lesson if you’re worried.
If you’re still worried, let’s just hope then that the Internet Corporation for Assigned Names and Numbers (ICAAN)-bird gets the worm.