Sunday, April 26, 2009

Conficker activates, starts sending spam

Conficker activates, starts sending spam

Sat Apr 25, 2009 7:57PM EDT

Reports are pouring in now that Conficker, at last, has started doing its dirty work -- and that work is nothing which thousands of malware applications haven't done long before it: Sending out spam.

The activation is being deemed a "quiet" one, as Conficker's creators seem to want to take advantage of the powerful botnet they've built without drawing too much attention to themselves. As a result, Conficker may shape up to be a relatively innocuous exploit compared to some of its massively destructive predecessors, and that's undoubtedly a good thing.

Still, cleaning up Conficker will have to be done one way or another, and already numbers are starting to be tossed out in an attempt to measure how much that's going to cost. The Cyber Secure Institute's figure: $9.1 billion will eventually be spent to combat and remove the worm. Some 3.5 million are estimated to be infected worldwide (with just 4 percent of those machines installed in North America), though estimates of infection range from much lower to substantially higher.

Meanwhile, security pros are girding for a long and slow fight against the malicious bit of code, as Conficker continues to evade detection by many users since it takes great efforts to hide its presence on a machine. Based on current analysis of the most recent version of Conficker, it is also set to stop spreading some of its malicious code on May 3, but it's likely that the door will be left open for additional attacks down the road.

The bottom line: Malware like Conficker makes headlines every year or so, but the time to think about security is not just when word of a big attack is brewing. Keeping your PC safe from attack is something that requires daily diligence, so keep those Windows updates installing, and keep anti-malware definitions up-to-date, no matter what you hear about the latest version of Conficker... or any other malware application.

No comments: