Conficker Worm Infects Many Without Causing Chaos

Computer experts across the globe watched networks carefully yesterday as the Conficker virus was set to infect millions of computers. However, the internet chaos that was feared wasn’t seen by midday, while PCs that were infected with the worm attempted to establish a link to command servers.

The first version of the Conficker worm was activated on November 21st, 2008. The virus was relatively simple at first, but the creators of the worm updated it three times since, which has turned it into a more resilient and sophisticated virus that finds new ways to spread from computer to computer. Conficker has also learned how to shut down the defenses of a computer.

Conficker can infect PCs by exploiting the weak points of Windows. At the peak of infections, the worm had compromised around 12 million computers, but this may have lessened due to new security measures. Once a computer is infect with Conficker, that PC will become part of a computer network, which is known as a ‘botnet’, that the creator can control.

So far the worm has infected hospitals, schools, and even spread to government departments. Conficker has reportedly infected the defense forces of Germany, Britain, and France, grounding the fighter jets of the French Navy for a while. Plus, a memorandum leaked from the House of Commons unveiling that the IT network of the parliament was infected as well.

Fear of the actions that the virus may take on April 1st spread around the world, as this was the date when Conficker was set to use local time clocks in order to change programming. The creators of the virus are unknown, as well as what their intentions are with the vast network of computers that are now infected and in their control.

Written by Steve Dunbevand on April 2, 2009 · Filed Under Business, Science & Technology 

Comments

One Response to “Conficker Worm Infects Many Without Causing Chaos”

  1. Niels on April 2nd, 2009 11:27 am

    “Computer experts across the globe watched networks carefully yesterday as the Conficker virus was set to infect millions of computers. However, the internet chaos that was feared wasn’t seen by midday, while PCs that were infected with the worm attempted to establish a link to command servers.”

    There never was any expectation that millions of new computers would be infected; after all, the propagation methods to infect new hosts was removed by the authors in the Conficker. C variant.

    The expectation was that infected systems would start polling 500 sites a day out of 50.000 generated domains. This is exactly what happened, although the new code does not seem to be available yet.

    As this polling will continue, there is a big chance that this code will start to be distributed to infected machines in the near future.

Got something to say?