Conficker.c is a worm, a malicious program thought to have already infected between 5 million and 10 million computers.
Those infections haven’t spawned many symptoms as of yet.
The program could delete all of the files on a person’s computer, shut down Web sites or monitor a person’s keyboard strokes to collect private information like passwords or bank account information, experts said.
Conficker.c imbeds itself deep in the computer where it is difficult to track.
One quick way to see if your computer has been infected is to see if you have gotten automatic updates from Windows in March. If so, your computer likely is fine.
Users who haven’t gotten the latest Windows updates should go to http://safety.live.com if they fear they’re infected, the company’s statement says.
There is a $250,000 bounty now offered from Microsoft.
Last year the number of infections tripled.
At Symantec, the company that makes Norton anti-virus software, engineers have been tracking Conficker since last November as it worms its way across the globe.
“This map is showing a visual representation of where all of the known infections of Conficker are across the world,” explained Steve Trilling, a Symantec vice president who says the worm is now living on millions of computers, mainly in corporations.
So far, the bad guys who created it haven’t triggered Conficker. It’s just sitting out there like a sleeper cell.
“Imagine a network of spies that has infiltrated a country. And every day, all of the spies are calling in for their instructions on what to do next,” Trilling explained.
Asked what the worm is being asked to do, Trilling told Stahl, “That’s the interesting thing. The only thing the worm is being asked to do is to ask for further instructions.”
For several months, Trilling says the worm has just been sitting there, awaiting instructions.
The newest targets of worms are social networking sites. Trilling demonstrated to Stahl how it might work. He says a worm can crack into a Facebook account and send a message to anyone on his friends list. You would open it because you think it comes from a trusted friend. From there the hacker can track every single movement that you make online. EVERYTHING!
Hackers have hidden their malicious software known as “malware” on some of the most trusted Web sites, like eBay, the Miami Dolphins football team, even my.barackobama.com.
Have you updated your anti-virus?
Do you Google?
Hacking is a thriving business!
“Part of my job is to know the enemy, to know our adversaries,” he explained.
Using an assumed name, “Gozi,” Jackson infiltrates chat rooms where hackers sell their worms and viruses to their clients: other hackers. He asks for a demo so his company can create software to disable the malware. The hackers, he says, are typically young, male and often from Russia. Asked how he tracks them down, Jackson said, “Well, they’re like any other business. They have to advertise to get clients.”
He says many Russian hackers are in cyber-gangs that display fascist symbols, like a Swastika and anti-American artwork. They boast about all the dollars they’ve stolen from the rich Americans. A single hacker can make $30,000 a month and be championed in local newspapers. “There’s an example recently where two boys were arrested actually and then let go the next day, but the article in the newspaper wasn’t that they were arrested and that they committed a crime, but saying: ‘Look at our two local boys made good. They’ve cheated some greedy Westerners out of so much money,'” Jackson explained.
Russian authorities tend to look the other way, which explains why members of the cyber gangs have no fear. They even show their faces on the Internet.
One of the hackers, who calls himself “Tempest,” is just 14 years old and working fulltime. ”
Conficker investigators have been talking about an April Fool’s attack, because in dissecting the worm, they can see it’s been programmed to receive new instructions on April 1. But nobody knows if the instructions will be benign, or something that could disrupt the entire Internet.
To comment….click on the number that is next to the title of this post or click on the title of the post itself.