The analysts at ESET have carefully watched the commencement of activity of the worm Win32/Conficker.X. The worm has in its body an embedded command to trigger its activity on April 1st. This command has thus been activated, prompting the worm to start communication with a randomly-generated number of domains out of the estimated daily total of 50,000 where the worm checks for instructions.
Even if the worm’s far reaching damaging impact on the Internet infrastructure did not materialize, it can be expected that Conficker’s authors will start using the botnet for activities usually associated with this kind of venture – i.e. using the botnet to spread spam or other kinds of computer malware on a mass scale. According to Juraj Malcho, the Head of ESET Virus Laboratory "It is hard to imagine that the worm's authors would not take advantage of such a meticulously constructed botnet.” His view concurs with that expressed by David Harley, Director of Malware Intelligence of the US branch of ESET in his blogpost, "it would be bizarre to put this much effort into a project and then not try to make some profit out of it."
Despite the fact that Conficker is presently a sort of a superstar on the virus scene, it is in reality just one of millions of computer threats lurking in cyberspace spread through email and increasingly via exchangeable media. By informing about the spread of the worm’s several variants, antivirus vendors have done their share of raising awareness of the importance of computer security in combating emerging malware.
The latest Threat Trends report for March 2009 shows that while Conflicker is the most rampant piece of malware out there, OnLineGames family of Trojans is following in close second place, stealing credentials for playing online games, and the Autorun virus is closly behind, infecting computers through compromised USB pendrives. See the latest report here: http://eset.ie/threat-center/case_study/GlobalThreatTrendsMarch2009.pdf
The truth is there are several simple steps to be taken to increase the level of protection from malware. The minute the user deactivats the Windows autorun function, he or she is protected from thousands of computer threats, including Conficker.
Also, if the user sets a strong password (using a combination of lower and upper case letters, coupled with numbers), he/she has contributed to improving computer security and is protected from many a malware attack, including Conficker.
If the user takes the time to update (patch) Windows operating system and on top of that installs a suitable security software – antivirus, or a more complex security suite (avoiding the various so-called 'rogue antivirus' knock-offs), he or she extends the level of protection even further and is shielded literally from hundreds of thousands of infiltrations, including Conficker. |
