April 1st computer worm
In an event that hits the computer world only once every few years, security experts are racing against time to mitigate the impact of a bit of malware which is set to wreak havoc on a hard-coded date. As is often the case, that date is April 1.

Malware creators love to target April Fool's Day with their wares, and the latest worm, called Conficker C, could be one of the most damaging attacks we've seen in years.

Conficker first bubbled up in late 2008 and began making headlines in January as known infections topped 9 million computers. Now in its third variant, Conficker C, the worm has grown incredibly complicated, powerful, and virulent... though no one is quite sure exactly what it will do when D-Day arrives.


If you use your computer wisely, this probably won't affect you. But for those thousands that cruise the internet cluelessly, this will be something to see.
"The world is my country, and do good is my religion." - Thomas Paine
Yes, I know of this worm. I have the feeling the current author is not a random hacker doing it for jollies, I suspect it is being updated by agents of another government or by agents of organized crime. It has become too sophisticated and they are too on top of things to be some random person or team of jolly hackzors.

Every time teams of anti-hackzors/crackers get close to disabling the code, the author changes it. I think the original author might have been some random person, but over the last year the worm has changed so much that I suspect a team of criminals are working on it around the clock to detect intrusions into the bot network. Someone seems to be manning the master computer 24/7.

I am hoping I am wrong and it's just some overly obsessed hackzor/crackzor but it is possible that the worm is after important things like your identity and financial info and isn't just set up to say "ha ha April fools, I'm going to reformat your drive now". They may also be using the April 1st bomb to test the worm's capabilities so they can create a new variant that will be undetected and give them the info they are seeking without anyone knowing how they are doing it. It's also possible this worm is a diversion and an undetected rootkit worm will be activated while everyone is busy panicking about the Conficker worm.

Cyber crime is more of a threat than most people realize. It's not our home computers that are really at risk, it's the financial institutions, utilities, and the infrastructure. If terrorists ever employ better hackers than our government and corporations do, we're screwed.

I was notified that one of the major data storage companies for credit cards and debit cards was breached. You know that magnetic strip on your cards and the little machines that swipe them? Well, the company who stores that data was breached late last year. They kept it quiet until a week or so ago because they were investigating. They claim that customers are not at high risk. Yeah, whatever. We're always at high risk, we just have to hope we don't get nailed when someone pulls the trigger on the machine gun.

Edited by RayvenAlandria on 03/26/2009 12:55
It would be bad for business for the company to admit that its customers were at high risk. Don't worry about it, they have the situation well in hand. Right.

There is no telling about the April 1st worm. One can't know whether they are crying wolf again or whether it's going to be a disaster. We'll soon see. It's nice to have something to look forward to.
"If I owned both Hell and Texas, I'd live in Hell and rent out Texas." - General Sheridan
Words of the wise, Skeeve. Computers are just like sex, if you practice them safely you will be virus free.

I think for the most part they are blowing this WAY out of proportion like they normally do. They are all OMG OMG mass hysteria, bats flying around, chickens with heads on stick and maybe a flying monkey or two.....then April fools rolls around. *crickets chirping*
Now of course the security side of me starts thinking about this. It also caught the attention of VzW. We are not taking any chances with it. We have clueless customers who I deal with on a daily basis that have VPN issues and all other kinds of garbage. On April 1st we are going to trend slow speed issues and watch for a similar IP address floating across our network from all market regions so that we may instantly block it from traveling over our network. We have done this with the BOTNETS already. 85.x.x.x is the address of the botnet DNServers. Oh and there is no 24/7 monitoring of the botnets by the criminals. It can be a one man operation. The servers of the botnet are rather intelligent too and can monitor themselves, they are Linux boxes after all.

Overall I am really excited about it. I can't wait to see if it is the computer equivalent of mass genocide hehe

BELOW is more of a rant on IT security...or the lack thereof:
It is not only the credit card companies, it is ALL of the IT field. They are so fscking stupid and lax on security now, I am surprised the morons were hired in the first place. I am sure you have heard those stories where laptops of some company were stolen from an employee's car. First off, if you can't handle the responsibility of a laptop, you don't need one; you don't leave shit like that in your car. Second, you always hear later that the hard drive or flash drive that was stolen was NOT ENCRYPTED. WHAT THE FSCK IS THAT ABOUT!? You know I have a flash drive that I carry back and forth from work. I have some simple personal stuff on it, tech programs for when I am out and happen to run across someone with computer troubles and sensitive work materials on it, that if released could have a negative effect on VzW if it landed in the wrong hands. I have all this sensitive information in a file encapsulated under 3 layers of protection. AES, Twofish & Serpent. Ciphered in a cascaded XTS format. Each block is encrypted first using Serpent 256-bit then Twofish 256-bit and finally AES 256-bit. Each cipher uses its own key and they operate independently AND it uses the SHA-512 hash algorithm to code it all at 512-bit. The AES in itself is FIPS approved and is used by the U.S. Gov't to protect classified information all the way up to top secret level. UBER!
That's right, I said it...