By: Marco A. Ayllon
Nautilus Technology News
March 30, 2009
A gouvernment information security watchdog has issued a warning to take precautions against a fast-mutating malicious computer program poised to strike on Wednesday.
In a bulletin sent out on Monday, the Singapore Computer Emergency Response Team (SingCert) warned that the latest variant of the Conficker worm, known as Conficker.C, may 'become active on April 1'.
SingCert, a unit of technology sector regulator Infocomm Development Authority of Singapore, identifies information security threats and coordinates computer security responses to events like hacking attacks.
Conficker targets computers running Microsoft Windows software, automatically jumping from an infected computer to another over a local network or by hitching a ride on a portable storage devices like USB-drives. Only computers that have not been updated with new security signatures are vulnerable. The worm is one of the more sophisticated such programs developed to date.
Unlike earlier versions like 2004's Sasser worm, which was easily found and subsequently de-wormed by a vigilant user, Conficker's creator, who remains at large despite a US$250,000 (about S$380,000) bounty put up by Microsoft, regularly comes up with new and improved versions of the worm to foil such efforts.
The newest variant, Conficker.C, the fourth incarnation of the worm since it was first discovered last year, disables security features like Microsoft Windows Automatic Update. One of Conficker's key features is its ability to call up a 'master computer' via the Internet for directions, which is also present in its newest variant in a new and improved form.
On Wednesday, Conficker.C infected computers will do just this, SingCert warned on Monday, although 'the exact nature of the activity that will occur on that day is not known at this time.'
Since it was released last year, Conficker has claimed more than ten million victims worldwide, including computers used by the British Parliament. While definitive statistics of Conficker infections here are not available, at least 269 companies have been infected as at January, according to security company F-Secure.
Visit SingCert's website at www.singcert.org.sg for instructions on how to check if your computer is infected, and how to remove the worm.
No comments:
Post a Comment