Conficker: genuine threat or April Fools’ prank?

31 Mar 2009

We’ve all heard of the big viruses, the ones that cause dramatic headlines across the world, from 1992’s Michelangelo and 2000’s Love Bug (which caused US$5.5bn worth of damage) to the more recent Storm Worm in 2007.

However, there’s a new kid on the block – Conficker, also known as Downadup. No one is quite sure where the name comes from, but it’s thought to be a mix of ‘configure’ and ‘fick’, the German word for, ahem, unlawful carnal knowledge.

Conficker is a worm targeted specifically at Windows that first appeared in November 2008, with variants reported as recently as 4 March. It can be spread not just over the internet but also via removable storage devices. It can add files to USB keys, for example, which then spread the worm whenever they are used on other computers.

A sneaky little fellow, the Conficker worm turns all infected computers into ‘robots’ that work together to form an enormous network called a ‘botnet’. To date, it’s thought that the Conficker botnet has up to 10 million PCs. Even the computers in the British House of Commons have been affected.

And we’re about to find out exactly what it’s going to do.

Research has shown that at midnight on 1 April, Conficker will begin to scan 50,000 websites, and download a set of instructions from 500 of them. What it’s going to do with those instructions remains unknown. Theories include that all 10 million computers will target Google’s search engine in a ‘denial of service’ cyber-attack, or the virus will cause mass data theft worldwide. However, many experts feel that it may all be one big April Fools’ joke, and, in fact, nothing at all will happen.

Microsoft has issues patches and instructions on how to remove the Conficker worm, as well as a reward of US$250,000 for naming the creators of the virus. So, if you know someone involved, be sure to shop them in.

By Deirdre Nolan

Pictured: Conficker in action