Mon, Mar 30, 2009 - Page 1 News List

Vexing computer worm to evolve on April Fool's Day

AFP , SAN FRANCISCO

A tenacious computer worm which has wriggled its way onto machines worldwide is set to evolve on April Fool’s Day, becoming harder to exterminate, but is not expected to wreak havoc.

A task force assembled by Microsoft has been working to stamp out the worm, referred to as Conficker or DownAdUP, and the US software colossus has placed a bounty of US$250,000 on the heads of those responsible for the threat.

The worm is programmed to modify itself on Wednesday to become harder to stop, said Trend Micro threat researcher Paul Ferguson, who is part of the Conficker task force.

“There is no evidence of it going into attack mode or dropping any particular payload on April 1,” Ferguson said in an interview.

“What people controlling the botnet are doing is building in survivability because of efforts by the good guys to lessen the harm of this thing,” he said.

The worm, a self-replicating program, takes advantage of networks or computers that haven’t kept up to date with security patches for Windows RPC Server Service.

It can infect machines from the Internet or by hiding on USB memory sticks carrying data from one computer to another. Once in a computer it digs deep, setting up defenses that make it hard to extract.

Malware could be triggered to steal data or turn control of infected computers over to hackers amassing “zombie” machines into “botnet” armies.

A troubling aspect of Conficker is that it harnesses computing power of a botnet to crack passwords.

Microsoft has modified its free Malicious Software Removal Tool to detect and get rid of Conficker.

“As this threat continues to evolve, Microsoft and other collaborative companies will continue to identify new ways to disrupt the Conficker threat to give customers more time to update their systems,” said Christopher Budd, security response communication head for Microsoft.

Computer users are advised to stay current on anti-virus tools and Windows updates, and to protect computers and files with strong passwords.

This story has been viewed 2714 times.

Comments will be moderated. Keep comments relevant to the article. Remarks containing abusive and obscene language, personal attacks of any kind or promotion will be removed and the user banned. Final decision will be at the discretion of the Taipei Times.

TOP top