Conficker is starting to show signs of coming to life. According to security experts at Trend Micro, Conficker’s 12 million or so infected systems are now receiving their payload through its own P2P file-sharing mechanism. Conficker is performing just as its master intended. On April 1, 2009, the infected machines started to call home for their instructions, and those instructions have started to execute in the past few days. Conficker is now starting to do its work.
Read Bulletproof’s steps to protect your system from the Conficker.C worm.
Even now, a week after the announced April 1 Conficker instruction update day, industry experts still do not have a complete picture of what the entire outbreak will look like. We know today that Conficker is performing keylogger functions (monitoring and reporting all keystrokes on the infected system) and delivering malware that could steal sensitive data from your computer. The real damage, however, is still being worked out by security experts.
What can you do to protect your business?
- If you can reach your antivirus vendor’s website, chances are you are not infected. Check by going to http://www.trendmicro.com.
- Make sure your Windows Updates are up to date. Visit http://www.windowsupdate.com and ensure your system is up to date.
- Run the Microsoft Malicious Software Repair Tool
- Ensure your antivirus software is up to date; visit your software provider to get the latest updates. If you are a home user and not part of a business network, you can get free antivirus software from AVG. Download the Free AVG Antivirus Software today.
- Make sure your Windows Firewall is turned on.
- Ensure you have an anti-malware product running. Windows Defender is a good tool to protect your system.
- Make sure File and Print Sharing is turned off if you are not sharing information on your computer.
- Disable any “Auto-run” settings for CDs, DVDs or memory sticks.
- Make sure you have a firewall on your home network.
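The first check in the list, whether security sites are still reachable, can be scripted by comparing them against control sites, so that a general network outage is not mistaken for selective blocking. This is an added example, not code from the original article; the control host names and the function names are assumptions chosen for illustration.

```python
import socket

# The security hosts are the two sites named in the checklist above.
# The control hosts are assumed, illustrative choices (not from the article).
SECURITY_HOSTS = ["www.trendmicro.com", "www.windowsupdate.com"]
CONTROL_HOSTS = ["www.example.com", "www.wikipedia.org"]


def system_resolver(host):
    """Return True if the operating system can resolve the host name."""
    try:
        socket.getaddrinfo(host, 80)
        return True
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def probe(hosts, resolver=system_resolver):
    """Map each host name to True (resolved) or False (failed)."""
    return {host: resolver(host) for host in hosts}


def classify(security, control):
    """Combine both probe results into a single verdict string."""
    sec_ok = sum(security.values())
    ctl_ok = sum(control.values())
    if ctl_ok == 0:
        # Nothing resolves at all: an outage, not selective blocking.
        return "inconclusive: no connectivity or DNS is down"
    if sec_ok == len(security):
        return "security sites reachable: selective blocking not observed"
    if sec_ok == 0:
        return "all security sites blocked: investigate this machine"
    return "some security sites blocked: investigate this machine"


def check(resolver=system_resolver):
    """Run both probes with the given resolver and return the verdict."""
    return classify(probe(SECURITY_HOSTS, resolver),
                    probe(CONTROL_HOSTS, resolver))


if __name__ == "__main__":
    print(check())
```

A "blocked" verdict only shows that something on the machine or network is filtering those names; installed privacy or filtering software produces the same result, so confirm patch and antivirus status before concluding the machine is infected.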
Common sense must be exercised at all times while on the Internet. The Internet is a minefield and new threats are being found every day. You can’t run and hide, but you need to be secured from the threats out on the Internet today. Here are some basic tips:
- Don’t open attachments from anyone that you’re not expecting. This goes for social networking sites like Facebook, Twitter, LinkedIn or any other sites. Files can also be transferred over instant messengers. Opening attachments can be dangerous; if it looks suspicious, don’t open it.
- Any website can contain malware; some of the largest companies have malware on their websites. Ensure you are running services on your computer that will protect you (antivirus, anti-malware and firewalls) and that you practice good surfing habits.

2 weeks ago, my computer began to have the same symptoms as Conficker. First, I could not access certain high-level web sites. Then my Windows Update did not function. Then, finally, my AV would not update. During all this time (5 or so days), my computer’s performance went straight downhill. I immediately segregated the computer from the network, then downloaded 5 different Conficker “search ‘n destroy” apps onto a CD from my other “clean” computer, ran 3 of the 5 programs on my “infected” computer, but they all turned up “no Conficker found”.
Hmmmm. Then I thought to take a look to verify that I had indeed installed the MS Security Update last November – took all of 3 minutes to get the # from MS, confirm that it was indeed installed. I was stumped. Then I remembered that I had installed two weeks prior (for a trial) a P2P program – one that protects your system from being tracked while visiting other websites. Unfortunately, this program used an online database as its reference of websites to block your computer’s activities from – and it worked by blocking my access to these websites as well. As soon as I uninstalled this little program (which seemed otherwise to work like a charm!), all my “Conficker” “problems” went away as well. My computer connects to everything now, speed is back up, my network connections all work fine now and I am pissed that I didn’t confirm that I had the MS updates installed FIRST before panicking that I was infected with Conficker! Quick check proved that all 5 of my computers were clean and up-to-date.
Moral of the story: Confirm your settings and updates before going off the deep end and assuming the worst and trying to “fix” that problem without ensuring you have a problem in the first place!
Make Sense?
BTW – Anyone want a CD and a DVD with 5 different Conficker Removal Tools?
Here is a great website to test if you are infected – http://www.baylor.edu/its/security/conficker/