Conficker virus has awoken, causing problems (see page 6, solewoman's post)

So is it really happening?
 
FML....seems like my computer is the only one tripping...it only works in safe mode and it won't let me do a system restore
 
^ life def sorry to hear that bro... My girl told me to do all that Microsoft stuff last night but I totally forgot. Nothing has happened so far tho
 
Originally Posted by MOSTHATED770

Y'all act like your lives can't go on without a computer
Well, if there are some kind of keystroke recording things in this virus, it could really affect people.

CC/Bank accounts, email...a lot of important things go into our computer that if put in the wrong hands could really mess us up.
 
I think something may have happened to me too. I was on NT and then the screen just went BLUE and a message came up saying "Windows has shut down to protect an error from occurring" or something like that. Then it restarted. I had installed a Windows update last night and after that happened I tried again and it said it wouldn't let me. Then I tried AGAIN and it said there were no updates available. I'm currently running MalwareBytes (again, I did it like two days ago) and hoping nothing is wrong.

Is the blue screen error unrelated to the April Fool's day virus?
 
Originally Posted by MOSTHATED770

Y'all act like your lives can't go on without a computer
some people have important documents and info on them

and school work
...not to mention what they have to pay to get it fixed!
 
Conficker wakes up, updates via P2P, drops payload

Story Highlights
  • The Conficker worm, scheduled to awaken April 1, is finally doing something
  • The worm is infiltrating computers in a staggered manner instead of all at once
  • Experts suspect program is designed to steal sensitive data from infected computers
  • Worm is set to shut down on May 3, according to the TrendLabs Malware Blog

By Elinor Mills

(CNET) -- The Conficker worm is finally doing something--updating via peer-to-peer between infected computers and dropping a mystery payload on infected computers, Trend Micro said on Wednesday.

Researchers were analyzing the code of the software that is being dropped onto infected computers but suspect that it is a keystroke logger or some other program designed to steal sensitive data off the machine, said David Perry, global director of security education at Trend Micro.

The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according to Trend Micro. The software is heavily encrypted, which makes code analysis difficult, the researchers said.

The worm also tries to connect to MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com as a way to test that the computer has Internet connectivity, deletes all traces of itself in the host machine, and is set to shut down on May 3, according to the TrendLabs Malware Blog.

Because infected computers are receiving the new component in a staggered manner rather than all at once there should be no disruption to the Web sites the computers visit, said Paul Ferguson, advanced threats researcher for Trend Micro.

"After May 3, it shuts down and won't do any replication," Perry said. However, infected computers could still be remotely controlled to do something else, he added.

On Tuesday night Trend Micro researchers noticed a new file in the Windows Temp folder and a huge encrypted TCP response from a known Conficker P2P IP node hosted in Korea.

"As expected, the P2P communications of the Downad/Conficker botnet may have just been used to serve an update, and not via HTTP," the blog post says. "The Conficker/Downad P2P communications is now running in full swing!"

In addition to adding the new propagation functionality, Conficker communicates with servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik Ferguson.

The worm tries to access a known Waledac domain and download another encrypted file, the researchers said.

Conficker.C failed to make a splash a week ago despite the fact that it was programmed to activate on April 1. It has infected between 3 million and 12 million computers, according to Perry.

Initially, researchers thought they were seeing a new variant of the Conficker worm, but now they believe it is merely a new component of the worm.

The worm spreads via a hole in Windows that Microsoft patched in October, as well as through removable storage devices and network shares with weak passwords.

The worm disables security software and blocks access to security Web sites.

© 2009 CBS Interactive Inc. All rights reserved. CNET, CNET.com and the CNET logo are registered trademarks of CBS Interactive Inc. Used by permission.
 