Monster virus may be impotent
The people behind the Conficker.B virus may have their heads in their hands today. While the virus has spread rapidly to millions of machines, it’s looking possible that its havoc-wreaking features don’t actually work.
As we reported this week, Microsoft just issued a removal tool for the original Conficker virus, but warned of a dangerous new variant which spreads through alternative means including brute-force, guessing network passwords and piggy-backing on USB drives.
That warning proved timely: by the weekend there were reports of up to nine million computers infected by the virus, including some you’d have thought would have been well protected such as those belonging to the British Ministry of Defence.
However, the Associated Press today quotes F-Secure, the company which came up with the nine million figure, as saying the virus appears to be flawed. While it’s clearly doing an awesome job of spreading itself, it doesn’t seem to actually be doing anything on the machines.
The firm believes the virus is meant to produce bogus security warnings to pressure computer owners into buying security software. In most such cases the product on offer is worthless and it’s just a way to capture both a payment and a set of valid credit card details. But F-Secure thinks the authors of the virus may have bungled this aspect of the operation.
While the news is reassuring, it’s not a time to be complacent: as F-Secure points out, the virus authors still have a worrying level of control over millions of machines. The firm also notes that the virus is designed to disable Microsoft’s automatic security updates, so anyone assuming things will sort themselves out may be out of luck.
Incidentally, the most amusing (in an entirely geeky manner) mainstream headline for this story must be from Sky News in the UK which opts for ‘Computer Worm Goes Out Of Control’. Surely that’s the entire point?
Related Posts:
