It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

Conficker virus begins to attack PCs: experts

page: 1
18
<<   2  3  4 >>

log in

join
share:

posted on Apr, 26 2009 @ 08:39 AM
link   

Conficker virus begins to attack PCs: experts


www.reuters.com

BOSTON (Reuters) - A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.
(visit the link for the full news article)


Related News Links:
www.telegraph .co.uk
www.ciol.com
www.theepochtimes.com
cybersecureinstitute.org




posted on Apr, 26 2009 @ 08:39 AM
link   
Hello,

This is about as accurate as it can be. On Saturday, we picked up various packets being sent to other agents who belonged to other networks. So im my humble case all i can say is, yes, its happening as we speak. The sad part is that their are so many server/client/users who are as literate as a two year old when it comes down to this. I guess were all having fun now..Right ?
I guess you more or less would have realized that the mere mentioned of the April 1st was just to show how stupid the general population is and how gullible its when it listens to so called experts. Keep in mind, this worm CANNOT BE STOPPED.

www.reuters.com
(visit the link for the full news article)



posted on Apr, 26 2009 @ 09:00 AM
link   
Coincidence that this Computer Virus has been "activated" at the same time the Flu Virus was released in Mexico? Someone doesnt want people to have information spread across the internet and for the general public to solely rely upon the Media for up to date news



posted on Apr, 26 2009 @ 09:28 AM
link   
What does this virus do exactly?

I probably have it; that info could help me



posted on Apr, 26 2009 @ 09:37 AM
link   
Yes it is very strange that this thing is kicking in, just when the news of the Swine Flu is hitting everywhere!


Below is a link to an eye chart test if you would like to see if your computer is infected. It was created by the conflicker work group.

Conflicker Eye Chart Test!

I checked my computer it was ok, if you do get it, my suggestion would be to back up your files on a flash drive or external drive, than reformat your hard drive and reload your mirror image or original software. Although they do have instructions and tools to remove conflicker they are usually complicated and time consuming. Most people just don't have the knowledge base to properly perform them and sometimes they just don't work depending on the variant of the strain. IMHO


I have noticed in the past few days that some web page servers are malfunctioning and that I getting asked to give control to certain web sites which I have refused for good reason. It will be interesting to see how this plays out and what damage if any it will cause to the internet and its network.



posted on Apr, 26 2009 @ 09:39 AM
link   

Originally posted by Alexander the Great
What does this virus do exactly?

I probably have it; that info could help me


In a nut shell, well it gives complete control of your computer to who ever has injected you. All your passwords, messages, browsers, files, everything.



posted on Apr, 26 2009 @ 09:42 AM
link   
It does whatever the people who released it, want it to do. With any luck, that "lets refer to a thousand websites" portion was considered as a means to wrestle for control with who started off calling the shots on what conficker does.

For those who feel that because they keep their computers either updated or on wiped/reloaded on a regular basis are safe. there are enough who don't to ensure the worm's controllers can create havoc with routers and servers, causing a freeze to the internet at the very least.

More specific damage can result by screwing with specific services that individuals, companies, and governments have come to rely upon such as money transfer systems, internet based GPS, etc.



posted on Apr, 26 2009 @ 10:22 AM
link   
I told everyone, even here on ATS
The worst thing that the virus can do is nothing



posted on Apr, 26 2009 @ 10:29 AM
link   
reply to post by Alexander the Great
 


Basically, (if it updated after April 1st), it sends out spam and gives fake anti-virus advert pops-up's, warning that you have a virus and you need to run their scan or download their software. (Its called scareware, and they make money when you purchase the fake software).

It attempts to stop your current anti-virus software, and Micro$oft updates. It also attempts to block you from accessing anti-virus and Mirco$oft update sites. This is why the Eye-chart is helpful, since the images from those websites won't show up if your pc is infected, (in most cases).

Behind the scenes attempts to spread itself to other pc's, and it changes some of your security policies. Wiki has a reasonably good explanation.

As side note; (since I have not seen it mentioned on ATS), the fake anti-virus software server is currently hosted in Ukraine.


spy-wareprotector2009 .com (94.232.248.53)
Ukraine Bastion Trade Group, AS48841, EUROHOST-AS Eurohost LLC
spyware-protector-2009 .com
spy-protect-2009 .com
spywprotect .com

The second portfolio is also parked in Ukraine as follows:
sysguard2009 .com (195.245.119.131)
RENOME-AS Renome-Service: AS34187, Joint Multimedia Cable Network Odessa, Ukraine
swp2009 .com
spwrpr2009 .com
alsterstore .com
adwareguard .net


This is noteable because Conficker blocked itself from spreading in ... Ukraine.


It randomly generates IP addresses to search for additional victims, filtering Ukraine IPs based on the GeoIP database. [...]

Conficker A incorporates a Ukraine-avoidance routine that causes the process to suicide if the keyboard language layout has been set to Ukrainian.


[edit on 4/26/09 by makeitso]



posted on Apr, 26 2009 @ 10:44 AM
link   

Originally posted by ModernAcademia
I told everyone, even here on ATS
The worst thing that the virus can do is nothing


Hello,

Would like to inform you that, either you have no idea what this is about or your giving out the wrong information here. Either way in both cases, your wrong.



posted on Apr, 26 2009 @ 10:51 AM
link   

Originally posted by makeitso
reply to post by Alexander the Great
 


This is not about selling a software. If you have any idea how much data is worth in the black market you would obviously fall of your chair. These type of worms are ranked in Top 5 as a national security risk. So before i keep reading on posts stating that it does nothing and its only for selling some software, please take the time to read and investigate.

Considering that this can inject itself into sensitive networks you can see what the value of data would be worth to the highest bidder. You could literally bring down a complete network on a national scale, keep in mind it only requires 3minutes.



posted on Apr, 26 2009 @ 10:59 AM
link   
Just to clarify my previous post

"5. Targeting the National Information Infrastructure

This issue concerns foreign power-sponsored or foreign power-coordinated intelligence activity directed at the U.S. Government or U.S. corporations, establishments, or persons, which involves the targeting of facilities, personnel, information, or computer, cable, satellite, or telecommunications systems which are associated with the National Information Infrastructure. Proscribed intelligence activities include:

Denial or disruption of computer, cable, satellite or telecommunications services;
Unauthorized monitoring of computer, cable, satellite or telecommunications systems;
Unauthorized disclosure of proprietary or classified information stored within or communicated through computer, cable, satellite or telecommunications systems;
Unauthorized modification or destruction of computer programming codes, computer network databases, stored information or computer capabilities; or
Manipulation of computer, cable, satellite or telecommunications services resulting in fraud, financial loss or other federal criminal violations.

and here is the link : www.wright.edu...

Also a brief example of what this data information is worth :

The Economic Espionage Act of 1996 was approved by Congress because theft of U.S. trade secrets is costing U.S. companies many billions of dollars a year in lost sales and costing U.S. workers their jobs. Foreign intelligence services and corporations are increasingly using classical espionage techniques to steal U.S. corporate marketing information, technological advances, and proprietary data in support of their national economic goals.

In testimony before Congress regarding implementation of the new Economic Espionage Act, FBI Director Louis Freeh reported on the following cases.

Link: www.wright.edu...



posted on Apr, 26 2009 @ 11:03 AM
link   

Originally posted by tristar

Originally posted by makeitso
reply to post by Alexander the Great
 

So before i keep reading on posts stating that it does nothing and its only for selling some software, please take the time to read and investigate.


Alexander asked what the symptoms were. I provided him with the current known information, and backed it up with links to research from some of the top dogs in the field showing such.

Your posts try to indicate that conficker is currently doing far more than that, (stealing and selling sensitive data), but I have not seen you provide any relevant links to any studies or research proving that is the case.

If you can do that, I would be more than happy to read them, and post about their findings.

(edit-speeling)

[edit on 4/26/09 by makeitso]



posted on Apr, 26 2009 @ 11:16 AM
link   
reply to post by makeitso
 


Does it affect APPLE? I would think not but you never know. If it doesnt then I am good!



posted on Apr, 26 2009 @ 11:18 AM
link   
Hello,

Here is but a brief example of it at work, keep in mind its all about data acquisition how and when it will be used, its anyones gues


"SAN FRANCISCO--The Conficker worm infected several hundred machines and critical medical equipment in an undisclosed number of U.S. hospitals recently, a security expert said on Thursday in a panel at the RSA security conference.

"It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, Marcus Sachs told CNET News after the session. Sachs is the director of the SANS Internet Storm Center and a former White House cybersecurity official.

It is unclear how the devices, which control things like heart monitors and MRI machines, and the PCs got infected, he said. The computers are older machines running Windows NT and Windows 2000 in a local area network that was not supposed to have access to the Internet, however, the network was connected to one that has direct Internet access and so they were infected,"

Link: news.cnet.com...



posted on Apr, 26 2009 @ 11:22 AM
link   
reply to post by tristar
 


OK, the pc's got infected with Conficker.

Is the conficker worm currently programmed to steal the data and pass it back "home"?

If so, can you provide the link to the research showing that?

Thanks,



[edit on 4/26/09 by makeitso]



posted on Apr, 26 2009 @ 11:25 AM
link   
reply to post by mblahnikluver
 


As far as I am aware, if you have not installed Micro$oft OS on the same computer, you have dodged the bullet.

Apple is not (currently) affected by Conficker (as I understand it).



[edit on 4/26/09 by makeitso]



posted on Apr, 26 2009 @ 11:35 AM
link   
Time to run Linux ....



posted on Apr, 26 2009 @ 11:43 AM
link   
reply to post by hal4511
 


Sounds great, but in reality full disclosure shows that Linux has its own set of vulnerabilities, as do all OS's.


As another side note; it seems that some researchers feel the majority of conficker infected pc's are Illegal copies of Windows


based on the geolocated chart courtesy of IBM’s ISS and Symantec’s logical conclusion that users, perhaps even companies with illegal copies of Windows represent the largest proportion of the infected set
.





[edit on 4/26/09 by makeitso]



posted on Apr, 26 2009 @ 12:01 PM
link   
Its not about the virus sending the information back home, when its injected the virus sends a simple message back saying its installed and awaiting for "orders" ,its all about data.
You, Sir/Madam, might just be another casual user on the internet browsing sites and surfing various boards, how ever, if the person/s seen that it was to their benefit that your information was valuable well then this would obviously have been visited. You need think beyond the box.



new topics

top topics



 
18
<<   2  3  4 >>

log in

join