Conficker – What the FAQ

It is the first of April and no time for jokes because the Conficker worm is serious business … loss of business for those infected and big business for those who wrote it.

The big question on everybody’s mind, apart from whether the G20 can get the globe out of a deep recession, is whether anything special has happened today vis-a-vis Conficker’s much-hyped 1st of April payload.

Well, nothing out of the ordinary has manifested itself thus far, apart from our Support department being inundated with Conficker-related queries. We know that the latest variant of Conficker (aka Conficker.C) has the ability to update itself and modify its functionality in various ways but the apocalypse is still some way away despite the predictions of countless 10th century monks at Cluny and elsewhere.

SophosLabs invites you, if you think you are hard enough, to the read the technical paper compiled by Mike Wood in our Canadian lab and Niall Fitzgibbon in our UK lab. This paper divulges the intimate details of the functionality of the latest variant of Conficker, leaving its author bereft of his/her/their secrets. If you had questions about Conficker, this is the paper for you.

If you happen to be infected with Conficker or just want to be on the safe side, Sophos does have a cleanup tool which is free to download and more information can be accessed here.

There are numerous blogs about Conficker. Please have a look through our fare through the last few months.