Conficker.C Virus Warning

March 31st, 2009 | by admin |

A computer virus known as a Worm has spread throughout the Internet and is set to execute tonight at midnight.  It is known as Conficker.C and is suspected to be spread to over 10 million PCs worldwide.

Conficker

exploits a vulnerability to introduce and execute code on affected Windows systems, download a copy of itself, infect the host and continue spreading.  It will prevent the affected PCs from downloading corrective patches from Microsoft as well as blocking access to the commercial antivirus vendors.

The corrective patches and antivirus definitions must be pushed out to all Business and Home computers.  Individuals should review the attached briefing to secure your home PCs and avoid falling victim to this malware.

IMPACT: network resources such as e-mail and file shares. home users personal computers and resources.
<<Virus Warning - Conficker.pptx>>

Virus Alert

  • “Conficker.C” Set to execute 1 Apr 09 at 00:00 hrs
  • Is a Worm introduced via Internet, e-mail, file shares and USB Media – covers its tracks by plugging the hole that it used to get in, then writes itself into the Windows service directory to be re-started as the PC is re-started
  • Once installed it attempts to download additional Malware from over 50,000 possible domains (Web sites)
  • US Computer Emergency Response Team verified these exploit sites are becoming active and responding
  • Many possible exploits can be downloaded; Conficker is the transport device that opens the door to other Malware
  • Multiple exploits have been observed; Trojans that steal financial transaction data as well as code that responds to remote commands, creating a “Zombied” or botnet PC

Conficker Remediation and Fix

  • US-CERT recommends Windows Operating Systems users apply Microsoft security patch MS08-067
  • Most XP or Vista systems are set to download security updates automatically, or after the user initiates request
  • Update Antivirus Definition Files (Live Update); most commercial antivirus will scan for Conficker
  • Run Live Update, then run a complete (deep) scan
  • Repeat scans after April 1st (virus can hibernate)
  • Try to access the Web site of a major antivirus vendor, which the Worm will try to block (Symantec.com)
  • Infected PCs will block all connections to antivirus sites
  • Back up all important documents before 1 April
  • If you think you’re infected, do NOT conduct on-line financial transactions until you are sure your PC is safe

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Facebook
  • Google
  • Live
  • Ma.gnolia
  • NewsVine
  • Propeller
  • Reddit
  • StumbleUpon
  • Technorati

If you enjoyed this post, make sure you subscribe to my RSS feed!

Tags: , , , , , , ,

Post a Comment