• Hail Guest!
    We're looking for Community Content Contribuitors to Stratics. If you would like to write articles, fan fiction, do guild or shard event recaps, it's simple. Find out how in this thread: Community Contributions
  • Greetings Guest, Having Login Issues? Check this thread!
  • Hail Guest!,
    Please take a moment to read this post reminding you all of the importance of Account Security.
  • Hail Guest!
    Please read the new announcement concerning the upcoming addition to Stratics. You can find the announcement Here!

Conficker worm striking on April 1st? NOT A JOKE!

  • Thread starter DarkScripture
  • Start date
  • Watchers 0
D

DarkScripture

Guest
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm#video
This is real info on a April Fools Attack for today.
Just thought I would share. Check out the link

Downadup Webpage Blocklist by F-Secure
http://www.f-secure.com/weblog/archives/00001582.html

Microsoft Security Bulletin MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
Published: October 23, 2008
Version: 1.0
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

*** Update for fast reference ***
If you have XP SP3 Installed you should be good.
Vista also..
*************************************
http://en.wikipedia.org/wiki/Conficker



Do post a reply if you do not have this patch & it helps you. I would really like to know if it even helps only one.
 

Black Sun

Grand Poobah
Alumni
Stratics Veteran
Stratics Legend
It's a possible it will attack today.
Today it begins searching the net for it's instructions. If they aren't given today it will continue to search until they're sent out and the worm finds them.

Basically, just because you don't get hit today, does not mean the threat's gone.
 
C

Connor_Graham

Guest
I can verify this worm is real. It was on Yahoo news yesterday which gave links to several of the top antivirus company websites with instructions on how to DL the updated AV program.
 

Bardie

Lore Keeper
Stratics Veteran
Stratics Legend
they have been smart enough to infect 50 mil computers, pretty sure they are smart enough not to launch an attack on when everyone is awaiting it...duh
 
C

Connor_Graham

Guest
The authorities have already said there's nothing they can do to stop it or even trace it. It's set up to get instructions from any of 50,000 different web addresses which is more than they can do anything about.
 

kelmo

Old and in the way
Professional
Alumni
Supporter
Stratics Veteran
Stratics Legend
UNLEASHED
Dread Lord
I don't think I will be googling much today...
 
M

Malimus

Guest
Confirmed. Family member opened a e-mail with a .zip file attached. Bam they got infected. Careful everyone.
The e-mail was some sort of e-card.

With the passing away of my uncle this morning she thought it was a card from a relative or friend of family. :(
 
S

Sweeney

Guest
Confirmed. Family member opened a e-mail with a .zip file attached. Bam they got infected. Careful everyone.
The e-mail was some sort of e-card.

With the passing away of my uncle this morning she thought it was a card from a relative or friend of family. :(
*sends you a .zip file condolence*

Don't open anything you don't trust, and always keep your AV software up to date, the kind that scans any and every downloaded file.
 

Harlequin

Babbling Loonie
Stratics Veteran
Stratics Legend
I don't think I will be googling much today...
That will not help actually. The author simply has not uploaded any of the 50000 urls with instructions. Yet.

If he does it anytime after today, infected PCs will download the instructions then.

Best to install MS Security update - MS08-067 if you do not use auto update. Those that have auto update turned on would already be immune.

Still, a good idea to keep your AV/firewall proggies updated on a daily basis.
 

Littleblue

Seasoned Veteran
Stratics Veteran
Stratics Legend
Confirmed. Family member opened a e-mail with a .zip file attached. Bam they got infected. Careful everyone.
The e-mail was some sort of e-card.

With the passing away of my uncle this morning she thought it was a card from a relative or friend of family. :(

Sorry to hear about your Uncle, Malimus.
 
K

KinG DaviD

Guest
just dont open anything on your email you arent expecting...been my motto since i started with the whole internet thing...ive never had a virus or trojan..
and i dont always update my security stuff either...im not as computer literate as i shjould be after all these years...i guess im just a web surfer...hehe

does that work still these days? just not opening stuff...i mean the only way "in" nowadays with all teh firewalls and stuff is if you "open" it..correct?
 
K

Kratos Aurion

Guest
To be completely honest, the worm sounds like a complete myth to me. While I haven't really read about any documented cases of the worm, there has been plenty of times for fakers and immitaters to develop worms that immitate what the Conflicker worm is suppose to do. So anyone who got a worm yesterday could have gotten an immitation. Tons of worms are launched on holidays.

And stopping a worm from requesting instructions from a server is easy; turn off your wireless and/or unplug your LAN cables. If you think you have it, go buy a cheap virus scanner/firewall/security software and load it up. If you're really freaking out, do a format of your drive and save any important files on flash drive (scan it to ensure no worms/viruses have attatched to the files).

If the worm in all acuallity infected 10** (edited) million computers/PCs, there would have been a much more widescale media spread of damage yesterday IF it was really suppose to time bomb yesterday.

I'm not saying it doesn't exist but I haven't found it yet (and yes I do DL viruses to crap PCs to see what they do).
 
B

Beastmaster

Guest
I cannot say where I work, but I can tell you that yesterday we were notified by Homeland Security that one of our PCs was infected with this virus. Located the PC and pulled it offline, and it was indeed infected.
 
K

Kratos Aurion

Guest
It appears its not a complete hoax as I previously thought. I obtained an isolated copy of it on a friends flash drive from school when my virus scanner picked up an attempted intrusion. I did though install it on my old laptop which I'm kind of curious to see what it's going to do.

So far the worm is capable of decrypting weak passwords, expand to blank media, search and spread through networks using network IPs. It has attempted to DL a file loadav.exe, which apparently through research is a false lead.

It's fiesty.

The best solutions for preventing your self from getting it are using strong passwords that otherwise wouldn't be easy for malware to decrypt (caps, numbers, symbols etc). Make sure you use recommended virus scanners/malware scanners and always have a secondary for backup like AVG or some other free stuff. Make sure you have a decent firewall like the McAfee internet suite. Always scan portable devices before attempting to open them/access the media.

I haven't read any incidents of the worm accessing any of the 500 malware domains *yet*
 

Lady Aalia

Atlantic's Finest
Alumni
Stratics Veteran
Stratics Legend
I know it has to be serius enough Hubby is NT for the Army here and they been just rotating about it.

Evening of the 31.March his cell was ringing of the hook while i was trying to convince him to do yardwork!!
 

Basara

UO Forum Moderator
Moderator
Professional
Governor
Stratics Veteran
Stratics Legend
Wiki Moderator
UNLEASHED
Campaign Supporter
There's a web test out there for it called an "eye chart"...

Essentially, it has 6 pictures on it.

2 or 3 of the pictures will not show if you have the virus, as their source domains are blocked by the virus. other amounts of pictures blocked could indicate other issues, and all 6 blocked means you probably have your broswer not to show graphics at all :) .

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html
 
Top