Hype, April fool's day, and the Conficker worm

by Graham Cluley on March 27, 2009 | Leave a comment

Filed Under: Malware

"Millions of computers around the world could go into meltdown on April 1 because of a deadly virus."

Those are the words from a report in today's soaraway Sun, a British tabloid newspaper.

Report on the Conficker worm from The Sun

With that kind of talk in a national newspaper (and there are plenty of other examples in the media at the moment) you could understand why some companies and home users might be worried about what might happen next Wednesday.

Well, as I've already mentioned on the blog, no-one knows what Conficker might or might not do on April 1st.

It's quite possible that Conficker will not do anything significant on April 1st. Certainly it won't be "deadly" and your computers won't melt. :-)

The fact of the matter is that Conficker is not set to activate a specific payload on that date. Rather, on April 1st Conficker will begin to attempt to contact the 50,000-a-day potential call-home web servers from which it may receive updates.

But it's just as likely that Conficker will receive instructions to do something on March 28th, or April 2nd, or April 14th as it will on April 1st. The emphasis by some media outlets on April 1st is really unfortunate.

What we can say with certainty is that people should keep their protection up-to-date, ensure that they have firewalls and security patches in place, have a proper policy in place regarding USB usage and passwords. In addition it wouldn't do any harm - if you suspect you may be infected by Conficker - to run a Conficker removal tool such as the free one from Sophos.

By the way, although I'm quoted in the report, the reporter didn't speak to me (Mikko Hypponen at F-Secure says he wasn't spoken to either). Nevertheless, I feel a little bit embarrassed to be referenced alongside such a scary headline and doom-laden graphics.

More information about Conficker:

Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011. You can subscribe to Graham's updates on Facebook, follow him on Twitter and circle him on Google Plus for regular updates.