Hype, April fool’s day, and the Conficker worm

Image (1) conficker-sun.jpg for post 12030

“Millions of computers around the world could go into meltdown on April 1 because of a deadly virus.”

Those are the words from a report in today’s soaraway Sun, a British tabloid newspaper.

Report on the Conficker worm from The Sun

With that kind of talk in a national newspaper (and there are plenty of other examples in the media at the moment) you could understand why some companies and home users might be worried about what might happen next Wednesday.

Well, as I’ve already mentioned on the blog, no-one knows what Conficker might or might not do on April 1st.

It’s quite possible that Conficker will not do anything significant on April 1st. Certainly it won’t be “deadly” and your computers won’t melt. :-)

The fact of the matter is that Conficker is not set to activate a specific payload on that date. Rather, on April 1st Conficker will begin to attempt to contact the 50,000-a-day potential call-home web servers from which it may receive updates.

But it’s just as likely that Conficker will receive instructions to do something on March 28th, or April 2nd, or April 14th as it will on April 1st. The emphasis by some media outlets on April 1st is really unfortunate.

What we can say with certainty is that people should keep their protection up-to-date, ensure that they have firewalls and security patches in place, have a proper policy in place regarding USB usage and passwords. In addition it wouldn’t do any harm – if you suspect you may be infected by Conficker – to run a Conficker removal tool such as the free one from Sophos.

By the way, although I’m quoted in the report, the reporter didn’t speak to me (Mikko Hypponen at F-Secure says he wasn’t spoken to either). Nevertheless, I feel a little bit embarrassed to be referenced alongside such a scary headline and doom-laden graphics.

More information about Conficker: