Conficker: No big bang but it lies dormant

Scroll down for free detection and removal tools.

The Conficker worm was slated to “phone home” on April 1st but based on reports from security experts, machine’s that made the call didn’t get an answer from the master computers designed to give them instructions.  But don’t take this as a sign to relax.  The worm — which currently doesn’t have a “payload” —  can lie dormant in a PC and strike at any time. In fact, given the world-wide attention to the April 1st trigger, many experts say that the criminals behind Conficker may have deliberately programmed their master PCs to hold off with the intention of doing something later when people aren’t paying attention.

Conficker’s authors put in code that allows the worm to communicate with a master computer to get instructions. Once it gets them, any infected machine can carry them out.  What instructions it might get isn’t known but it could be to turn individual machines into “spambots,” which means your PC could wind up relaying spam to others. It could also install a “keylogger” program on PCs which gives the hackers access to people’s user names and passwords.

Even if everything is fine now, it’s important to make sure that your machine doesn’t have Conficker or any other worm, virus or other “malware.”  Not only can Conficker strike later, but it has lots of cousins. In fact, there are thousands of worms and viruses floating around and this is a continual threat. 

Below are some free tools that can help scan your machine.  These tools work only with machines running Microsoft Windows. Although Macs are vulnerable to some (though not as many as Windows) threats, Mac users don’t have to worry about Conficker.

If your computer is infected and (therefore) can’t reach any of the security websites, download a removal tool from another computer and install it on your using a USB drive, CD or other removable media.

Microsoft Tool

Symantec

McAfee

Kaspersky (direct download, not a web page)

TrendMicro

Panda removal tool

More listings at  Dshield.org

For More Information

Conficker FAQ (from CNET)

Podcast interview with TrendMicro expert David Perry

Podcast: Worm ‘phoning home’ but getting no answer

Homeland Security Bulletin (more links)

Be the first to comment

Leave a Reply