With the Conflicker worm having become the latest of the Internet scares being propagated by the main stream news media we thought it essential to cover this topic a bit. The Conflicker worm is programmed so that infected machines attempt to update themeselves periodically with the next known update being for April 1, 2009. That doesn’t mean the world will end!
First thing to consider is that Conflicker, like most of the malware (malicious software) released to the Internet in the past 5-6 years, is *not* likely to do any real, irreversible damage to your computer systems. It’s essential to understand that the programmers creating most modern malware are profit driven and see this as a business. They’re not going to make money by destroying computers. What they *do* want to achieve is to be able to use others computer systems for illegal activities which is most commonly for sending spam.
Case in point is that Dean Turner of Symantec Security says he doubts there will be substantial cyber disaster. More than likely the internet will not go down, the makers of Conflicker C are profit driven and need the computers in the botnet to make money for them by sending out spam emails and so on. Paul Ferguson of Trend Micro agrees. He says these people, “don’t want to bring down the infrastructure. That would not allow them to continue to carry out their scams.”
I hope you’re convinced (and relieved) that the world (or more directly the Internet) is unlikely to end on April 1, 2009 or anytime thereafter because of the actions of malware programmers. Either way most people want to know that their computer system is secure and they’re protected with which I heartily agree.
Let’s look at (1)a quick check list of items that will need to be in place to protect your computer system(s) and (2) how to check to see if your system might already be infected.
(Note: Clients of Shafer Consulting that have an active service agreement are protected as all updates and anti-virus protection are checked/executed as part of the monthly services items.)
Check the following to see if your protection is current:
- Microsoft Windows updates should always be current. Microsoft released the initial fix for this back in October. If your Microsoft Windows computer is being updated regulary this patch should have been installed in the next update you did after mid-October 2008.
- If you really want to verify the update was applied then in your Windows machine:
- go to the “Start” icon and then “Control Panel -> Add or Remove Programs” (Note: Depending upon the menu choice you’re using you may have to use “Start -> Settings – Control Panel ->Add or Remove Programs”)
- Once in the “Add or Remove Programs” area check the box at the top of the page that is titled “Show updates”. With this item selected you will now be able to see all the installed programs and the Windows updates that have been installed. You want to verify that KB958644 has been installed.
- Anti-Virus: In today’s connected world *no* computer should be without anti-virus software. Moreover it’s essential to make sure that the anti-virus software is regularly updating the virus signatures. Typically when you open the anti-virus software you will see a place that gives the date of the last update or the date of the signatures database. Make sure this is less than several days old at most. If older than several days run the “update” option and make sure it worked! A full scan of your computer probably isn’t a bad idea either when not in use such as during lunch or at the end of the day.
A simple check for current infection:
1. Try contacting one of the links below that connect to well known anti-virus vendors. Conflicker is setup to block access to the most commonly known anti-virus vendor sites such as McAfee, Symantec and Kaspersky. If you can reach these websites you’re machine is likely *not* infected.