Security Sleuths Work Overtime to Confound Conficker Worm.

"On Wednesday, the Conficker worm -- which has writhed its way into possibly millions of computers worldwide -- will open its ears and take orders. What it's going to do is still unclear, but security researchers are working feverishly to mitigate its power. The Honeynet Project, for one, has developed a scanner to check for Conficker's presence on a network."
http://www.technewsworld.com/story/66666.html

:scared:

From the article: "beyond that, it's very unclear what exactly Conficker will do." But what if the PC is left off, so the worm doesn't get any instructions on Wednesday?

One of the most dangerous threats ever, a computer worm known as "Conficker," is spreading through the Internet right now. By some estimates, 10 million computers have been infected worldwide.

With one click, the worm's creator can instruct it to suck sensitive data, like bank passwords and account numbers, out of millions of computers, or launch a massive spam attack to clog up the works.

The newest targets of worms are social networking sites.

He says a worm can crack into a Facebook account, like Morley's, and send a message to anyone on his friends list.

It's a message a friend or colleague, like Stahl, would be sure to open since it comes from a trusted friend. Stahl took the bait and clicked on what looked like Morley's video link.

"Something looks a little off," Trilling remarked. "You're already infected."

As Trilling demonstrated on a second screen, the hacker "owned" Stahl's online movements. "From here on out, everything you do, gonna show up on the hacker's machine," he explained.

So when Stahl typed her username and password into a bank Web site, it appeared instantaneously on the hacker’s screen, along with her bank account details.

"Every single keystroke you hit, in fact, if you make a mistake and hit a backspace, that shows up in the window," Trilling explained.

The hacker then followed her around, as she browsed the Internet from CBS News to Amazon.com.

"So, if I buy something, they’re gonna have my credit card," Stahl remarked.

"Everything you type in, your address, your credit card, it’s all gonna show up in that window," Trilling warned.
http://www.cbsnews.com/stories/2009/03/27/60minutes/main4897053.shtml

Microsoft Malicious Software Removal Tool
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en


this internet explorer patch that microsoft released in december would have protected people.
http://blogs.msdn.com/ie/archive/2008/12/17/ie-december-out-of-band-release.aspx
http://www.microsoft.com/technet/security/Bulletin/MS08-078.mspx

Windows Defender has an update to detect and remove it:
http://www.microsoft.com/security/portal

and finally if your antivirus software is any good and you're getting daily updates, you should be protected. i know i am.

Install/update your anti-virus software to block the known update domains at your firewall:

btddc.com

d34ft.com

23drf.com

cscs7.com

mgaazz.com

hhgg3.com

trafficconverter.biz

Years ago I bought a Leading Edge Computer new and about a month after it came I got snail mail from Leading Edge with a disk containing McAfee Antirvirus informing me that my computer was infected with the Michaelangelo virus, which was programmed to erase the hard drive on Michaelangelo's birthday (March 6). I ran the McAfee program and sure enough it was there and removed by McAfee.

Apparently some idiot at Leading Edge who made the master hard drives for their computers brought a disk to work with games on it to play that had the virus on it.

Never ran a computer without antivirus ever since. As I recall that was about 1986-88.