Saturday, February 14, 2009

Everyone is hunting ‘Conficker’ to get Microsoft $250,000 bounty

This story is straight out of a futuristic movie. Our security in the information age is threatened by a ‘super-worm’, which has Microsoft so worried that its offering a quarter of a million dollars to anyone who gets information that leads to the arrest and conviction of those responsible for unleashing it.

The "Conficker" worm is now public enemy number one, thanks to Microsoft’s recession-busting award. You can imagine that a massive, wide-scale collaboration of web users is now coming together to hunt down the perpetrators. Apart from level-headed, concerned bodies like industry organizations, academics and Internet policy groups; there’s going to be an electronic mob ravaging the Internet, like bounty hunters once ravaged the Wild West!

Maybe, if this sudden, collaborative flurry of dealing with Conficker actually succeeds, then it will provide a clear path to the best way to deal with such future ‘digital pandemics’: unleash everyone by promising money!

The bounty award is understandable if Microsoft is set to lose more money the longer this problem goes on. Industry estimates suggest that Conficker, which exploits Microsoft Windows PCs, may have hit up to 10 million machines. For now, it appears Microsoft has reports on 3 million PCs worldwide being infected.

What Conficker does is use a mathematical algorithm to tell infected systems to regularly contact a list of 250 different domain names each day. If just one of those domains is registered by the virus writer, it could be used to download a secondary component to all infected systems, such as malicious software.

This is quite advanced functionality, and the fact no one knows who created Conficker, and what the malicious software could do makes it even more worrying!

So, in the absence of this knowledge, there’s a growing hysteria as commentators call it a ‘super-worm’ which could be “lethal weapon in the hands of whoever controls it.”

Conficker first surfaced in November, and the anti-virus community began studying it. Researchers were then able to begin registering the 250 domains sought daily by Conficker-infected systems to monitor the instructions Conficker is sending.

Apparently, a number of the domains in the names of the FBI and Microsoft.

So, the FBI is already investigating individuals who own some domains sought by Conficker. Another interesting twist is that it turns out that many of these domains belong to researchers and anti-virus companies that put them up to gather intelligence about the worm.

It’s now becoming a wild goose chase, and taking on 21st century science-fiction proportions. It’s painfully entertaining too. Keep an eye on the Conficker phenomena, and maybe you can make a bit of money too!

zanasser@gmail.com

2 Comments:

At 8:21 PM , Anonymous Anonymous said...

We are still seeing a lot of individuals coming to our site, locked out from Microsoft and anti-virus sites by the virus, trying to fix their computers. The Conficker Cabal helps the industry, but not the PC owners. The industry needs to set up a common, free support site at one or more unblocked domains with tools for victims to fix their Windows machines. XP Home users, for example, have no simple way outside of the registry hack (documented on our site and several others) to disable Autoplay. These infected machines represent a potential ongoing source of reinfection. People are paying rental geeks hundreds of dollars on house calls even though they owned (and regularly updated) antivirus software. Finally, the technical community needs to stop the "ha ha - get a mac/linux" attitude and act with a sense of service to their friends and neighbors who own and enjoy Windows PCs.

 
At 3:24 PM , Anonymous Anonymous said...

ha ha - get a mac/linux!!

;-)

 

Post a Comment

Subscribe to Post Comments [Atom]

<< Home