Zero-hour approaches for the awakening of the Conficker megaworm. As we explained, Conficker can evade detection like none before it. But security experts have released a scanner that may save your IT professional’s sanity tomorrow.
Security expert Dan Kaminsky, working with the Honeynet Project’s Tillmann Werner and Felix Leder, have discovered an easier way to detect if a machine on a network is infected by Conflicker. Dan writes:
What we’ve found is pretty cool: Conficker actually changes what Windows looks like on the network, and this change can be detected remotely, anonymously, and very, very quickly. You can literally ask a server if it’s infected with Conficker, and it will tell you.
The code, just released today, is quickly finding its way into the scanners of all the major security software companies, and will hopefully prevent the worldwide holocaust/Russian Lolcat invasion tomorrow. We’ll see! [Doxpara Research via Ars Technica]
Sir Mudkip
April 1, 2009 at 10:08 AM
Oh joy. Im stuck at school while it will activate slowly eating away at everything on my network (Home network-14 computers ALL with vital documents. I love WD for crappy external hdd’s that break every 5 minutes so I cant back up anything. I’m just hoping its a rickroll. I would have to say building up all the worrying hype, and then having a worldwide April 1st Rick Roll would be epic.
Report Permalinkcoffee maker
April 1, 2009 at 11:56 AM
only a little while now until Conficker is supposed to take effect… hopefully people have already found whatever fixes they needed to find
Report Permalink