New tools released for detecting Conficker worm/Downadup worm

The US Department of Homeland Security released a new security tool to detect a Conficker worm/Downadup worm on a computer.

The department, in a statement, said the detection tool for the Conficker worm, also known as DownAdUP, had been developed by the US Computer Emergency Readiness Team (US-CERT).

"While tools have existed for individual users, this is the only free tool -- and the most comprehensive one -- available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm," said US-CERT director Mischel Kwon.

"Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation's critical networks and systems, both from this threat and all others," he added.

The worm is suspected to have infected million of computers running the Windows operating system and Windows maker Microsoft has offered a 250,000 dollar bounty for those responsible for the worm.

US-CERT recommended that Windows users apply Microsoft security patch MS08-067 to help provide protection against the worm.

The patch is designed to prevent an attacker from remotely taking control of an infected computer system and installing additional malicious software.

Malware could be triggered to steal data, generate spam attacks or turn control of infected computers over to hackers amassing "zombie" machines into "botnet" armies.

The worm is programmed to modify itself on Wednesday, April Fool's Day, according to computer security specialists.

Conficker had been programmed to reach out to 250 websites daily to download commands from its masters, they said, but on Wednesday it will begin connecting with 50,000 websites daily for instructions.

The hackers behind the worm have yet to give it any specific orders.

"That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions," Steve Trilling, vice president of security firm Symantec, told the CBS program "60 Minutes" in a story aired on Sunday.


source: news.id.msn.com

Watch video about the impact of the Conficker worm.

Related post:
Top most worst computer viruses of all time
Prevention of Conficker Worm also known as April Fool's Day virus
Conficker virus summary
Conficker C computer virus set on April Fool's Day

Conficker C computer virus set on April Fool's Day

Conficker C or Downadup virus is just waiting for April 1st to strike then to play an awful April Fool's joke on your computers.

Among the millions of viruses that are swimming around the internet, the "Conficker" virus or "April Fool's" virus is one which baffles experts the most, because of that it could cause the most harm to operating systems in years.

A computer-science detective story is playing out on the Internet as security experts try to hunt down a worm called Conficker C and prevent it from damaging millions of computers on April Fool's Day.

The anti-worm researchers have banded together in a group they call the Conficker Cabal. Members are searching for the malicious software program's author and for ways to do damage control if he or she can't be stopped.

They're motivated in part by a $250,000 bounty from Microsoft and also by what seems to be a sort of Dick Tracy ethic.

"We love catching bad guys," said Alvin Estevez, CEO of Enigma Software Group, which is one of many companies trying to crack Conficker. "We're like former hackers who like to catch other hackers. To us, we get almost a feather in our cap to be able to knock out that worm. We slap each other five when we're killing those infections."

The malicious program already is thought to have infected between 5 million and 10 million computers.

Those infections haven't spawned many symptoms, but on April 1 a master computer is scheduled to gain control of these zombie machines, said Don DeBolt, director of threat research for CA, a New York-based IT and software company.

What happens on April Fool's Day is anyone's guess.

The program could delete all of the files on a person's computer, use zombie PCs -- those controlled by a master -- to overwhelm and shut down Web sites or monitor a person's keyboard strokes to collect private information like passwords or bank account information, experts said.

More likely, though, said DeBolt, the virus may try to get computer users to buy fake software or spend money on other phony products.

Experts said computer hackers largely have moved away from showboating and causing random trouble. They now usually try to make money off their viral programs.

DeBolt said Conficker C imbeds itself deep in the computer where it is difficult to track. The program, for instance, stops Windows from conducting automatic updates that could prevent the malware from causing damage.

The program's code is also written to evolve over time and its author appears to be making updates to thwart some of the Conficker Cabal's attempts to neuter the worm.

source: www.cnn.com

Related post:
Prevention of Conficker Worm also known as April Fool's Day virus
Conficker virus summary