It is the most serious large scale worm outbreak we have seen in recent years because of how widespread it is, but it is not very serious in terms of what it does. So far it doesn't try to steal personal information or credit card details.An article published on CRN.com explains:
Like other malware, the worm known as Conficker or Downadup is a blended threat, relying upon a variety of attack vectors, which range from brute-force password guessing to hitching rides on USB sticks, in order to replicate and spread throughout a network. However, what experts say makes this worm unique is the rate of speed at which it replicates.Although the potential threat is certainly real, computer security experts suggest that some media reports surrounding the supposed "launch" of the worm on April 1st 2009 tend to seriously exaggerate its potential consequences. Some of the more sensational reports claim that on April 1st hackers will be able to take control of millions of computers around the world with potentially devastating results. In spite of these reports, computer security experts are telling computer users there is no need for panic. An article by security expert Joe Stewart published on the SecureWorks research blog notes:
If you've been reading any news at all on the Internet in the past week, you've probably heard that Conficker Armageddon is approaching, and itís scheduled for April 1st, only a few days from now. The SecureWorks Counter Threat Unit has been receiving an increasing number of inquiries asking what one needs to do to prepare for the impending April 1st outbreak.Stewart's take on the issue is confirmed by other security experts:
The truth is, there will be no April 1st outbreak, despite what some of the press stories have said so far. The only thing that will happen with Conficker on April 1st is that already-infected systems will begin to use a new algorithm to locate potential update servers. There, thatís not so scary, is it?
Despite the hype surrounding the April 1 "launch" for the Conficker, or Downadup, worm, security experts from Symantec and McAfee say there's little to worry about. Although the authors of Conficker have consistently improved the worm, the media attention makes a criminal move on April 1 unlikely. Security best practices should protect most PCs. Despite security analysts insisting that April 1 is only a red herring, the Conficker malware hype keeps growing as April Fools' Day approaches. Indeed, the doom and gloom is persisting even as security researchers offer a voice of reason.Users of Microsoft Windows should ensure that the latest Windows security updates are installed on their computers. A removal tool for the worm is available from the F-Secure website. Note that computers infected by Downadup are blocked from reaching f-secure.com websites. The F-Secure FTP server can also be reached from: ftp://ftp.antivirus.fi/anti-virus/tools/beta/ and ftp://220.127.116.11/anti-virus/tools/beta/.
Last updated: 31st March 2009
First published: 26th January 2009
Write-up by Brett M. Christensen