conficker the next Y2K?

**HRVATSKI_VOJNIK** · 31-03-2009, 06:32 PM

just thought i should give a heads up on the new major Worm that's going around

conficker at the moment is just waiting for instructions which will be given tomorrow. Symantec doesn't really know what its gonna do, but reackon it'll do the usual, steal ID, bank details etc.

there's an 60 Minutes interview on their website (while CBS got infected ) as well as some basic removal apps for it.

being an I.T guy, just thought i should give a heads up. its said to infected 15+million computers already, but then again it might just be an Y2K style April fools joke.

Conficker - April 1st Virus - April Fools Virus - W32.Downadup Worm | The Conficker C Worm
http://news.bbc.co.uk/2/hi/technology/7973131.stm
http://en.wikipedia.org/wiki/Conficker

P.S no dumb comments about symantec, i just posted up the link because its got the video, some info and basic removal tools. use which security/ anti-virus software you like

**davway** · 31-03-2009, 07:59 PM

how would you know if you have it? (without the obvious use of a scanner)

**vlv8vic** · 31-03-2009, 08:02 PM

thank **** i drive a geeky macbook.

**Evolution_Ends_Here** · 31-03-2009, 08:02 PM

heard about it on the news

**NORTI** · 31-03-2009, 08:08 PM

It seems to use a hole that was patched in the oct 08 windows update, so if you have an up to date AV & do windows updates regularly, then you should be okay.

reading more about it, Im thinking some DoS attacks might not be out of the question....

& wow @ the creators, Im in awe of the steps taken to hide this thing, make it cover its tracks & evade AV detection....

**HRVATSKI_VOJNIK** · 31-03-2009, 08:29 PM

Originally Posted by davway

how would you know if you have it? (without the obvious use of a scanner)

Symptoms

* Account lockout policies being reset automatically.
* Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Error Reporting Services disabled.
* Domain controllers responding slowly to client requests.
* Unusual amounts of traffic on local area networks.
* Websites related to antivirus software becoming inaccessible

Originally Posted by NORTI

reading more about it, Im thinking some DoS attacks might not be out of the question....

Chernobyl Virus V2?

**VS Omega** · 31-03-2009, 10:30 PM

Thankful that my build of windows is from 5th March '09 and hopefully invulnerable (win7)

**Joey_21** · 31-03-2009, 10:39 PM

just dont access ur bank details etc from the net until given the ok or better yet dont go on the net at all 2morow

**Evolution_Ends_Here** · 31-03-2009, 10:43 PM

Originally Posted by Joey_21

just dont access ur bank details etc from the net until given the ok or better yet dont go on the net at all 2morow

i'll just access my bank account on my phone

**one_and_only2004** · 31-03-2009, 10:49 PM

Download details: Windows Malicious Software Removal Tool

apparently that's the thing that MS released to remove it with.

**delcowizzid** · 31-03-2009, 11:30 PM

XP SP1 here and still alive

**System** · 01-04-2009, 09:40 PM

Originally Posted by Joey_21

just dont access ur bank details etc from the net until given the ok or better yet dont go on the net at all 2morow

shit.... 10 minutes b4 i read this i checked my balance lol :P

meh i'm not worried, i havnt seen anything strange yet, and i always go on the net with everything up and running, i have good anti virus programs etc, plus i'm updating windows as i type this

**HRVATSKI_VOJNIK** · 02-04-2009, 08:16 AM

well it looks like it failed to update/spread itself. so we are safe for now

looks like the "hacker" will wait for the heat to dye down before he sends the updates.

**System** · 02-04-2009, 05:17 PM

Originally Posted by HRVATSKI_VOJNIK

well it looks like it failed to update/spread itself. so we are safe for now

looks like the "hacker" will wait for the heat to dye down before he sends the updates.

its still good to keep everything up to scratch tho- if this one doesnt get in, another worm/trojan can work its way in

**delcowizzid** · 02-04-2009, 05:29 PM

i just removed 40+ trojans and exe's from my system took ages.all happened last night

**danja** · 02-04-2009, 05:37 PM

Meh, if you don't install updates regularly you deserve all the viruses they can throw at you IMO.

It's like not putting petrol in your car then complaining when it stops running

**Rufus®** · 02-04-2009, 05:56 PM

Originally Posted by danja

Meh, if you don't install updates regularly you deserve all the viruses they can throw at you IMO.

It's like not putting petrol in your car then complaining when it stops running

No Windoze is more like, buying a car, 6 months later you get the seat belts, 6 months after that the brakes.......

**delcowizzid** · 02-04-2009, 06:16 PM

haha if i goto SP2 my temporary PC dont keep up to sloooow so im stuck on sp1 right now

**Rufus®** · 02-04-2009, 06:32 PM

Originally Posted by delcowizzid

haha if i goto SP2 my temporary PC dont keep up to sloooow so im stuck on sp1 right now

yeah similar here, if i update to sp3, i lose all wireless networking. easier not to upgrade.

**System** · 02-04-2009, 07:32 PM

Originally Posted by delcowizzid

i just removed 40+ trojans and exe's from my system took ages.all happened last night

40?! ONE is bad enough hahaha

good to see you got rid of em... how the hell did that many get in?

**Boonz** · 02-04-2009, 07:34 PM

antivirus could of been updating or something...

**delcowizzid** · 02-04-2009, 08:02 PM

was fine yesterday didnt have any at all turned it on today and task manager went haywire with heaps of things starting up at once trusty old superantispyware ridded me of the little buggas but it took a while as they were causing it to crash but i got them in the end.some had cloned themselves as svhost and were trying to gain access to the net.

**jameswh** · 05-04-2009, 01:56 PM

I had a chaotic time with Conficker at work.
It infected our Symantec server (yep, go figure), which is also our DNS server. So, people had an awfully hard time resolving host names and such, which meant that a lot of network shares were inaccessible. Had to change the DNS addresses on a lot of our servers to a co-lo DNS server that we have in Pitt Street while I stabbed away at Conficker. Wasn't fun at all.
Thankfully, not too many client PCs were infected.

**danja** · 05-04-2009, 02:22 PM

Originally Posted by jameswh

I had a chaotic time with Conficker at work.
It infected our Symantec server (yep, go figure), which is also our DNS server. So, people had an awfully hard time resolving host names and such, which meant that a lot of network shares were inaccessible. Had to change the DNS addresses on a lot of our servers to a co-lo DNS server that we have in Pitt Street while I stabbed away at Conficker. Wasn't fun at all.
Thankfully, not too many client PCs were infected.

Virtual servers FTW

**jameswh** · 05-04-2009, 02:24 PM

Originally Posted by danja

Virtual servers FTW

You try negotiating that with my boss! It's impossible!
We quite literally have about 30 servers sitting in our server room. It's bloody ridiculous.
You don't want to be around when the air conditioning fails. : \

Thread: conficker the next Y2K?

LinkBack

Thread Tools

Display

conficker the next Y2K?

Posting Permissions