As Conficker Worm Waits for Instructions, World Wonders What's Next.

Other than temporarily grounding the French Navy's fighter planes and infecting 24 of Britain's Royal Air Force Bases, the disruptive computer worm known as Conficker seems rather benign, right?

Wrong.

Exploiting Windows Vulnerabilities to Spread

The problem with the Conficker Worm, also known as Downadup and Kido, isn't what it has already done, but what it could do, say the experts.

“Because of Conficker's ability to spread as a botnet, no one really knows what it will do next,”says Himanshu Sonkar, chief technologist and researcher at X-Wire Technology, the company which developed Tizer Conficker Razor™, a removal tool to exterminate the worm. “Conficker lies dormant on your system, awaiting further instructions from its creators who could use it for a large-scale criminal activity.”

The crimes could be anything from tracking an infected user's keystrokes to stealing passwords or launching a massive spam attack.

Take, for example, what happened in Manchester, England, when Conficker knocked out parts of the city government's IT systems, including a town hall fine processing system. As a result, the city council could not issue 1,600 traffic citations within the statutory 28 day time limit.

Between the unpaid traffic citations and Conficker cleanup, it cost the city more than a million pounds. But it could have been worse.

What if these Conficker-infected machines contained personal information about each licensed driver, including where they live and what types of car they drive? The worm's authors could have very easily taken this information and sold it to crime syndicates to use it for burglary or theft.

The potential for malicious intent goes far beyond such basic criminal activity.

When 800 computes at Sheffield Teaching hospitals in the United Kingdom were infected in January, only non-urgent appointments in the medical imaging department had to be cancelled.

The infection reportedly had no impact on patient care. But what if the worm's authors used Conficker to alter patient files, change treatment plans or adjust drug dosages? The harm would have likely been immeasurable.

Detecting Conficker Quickly is the Best Cure

To prevent any such instance from happening with you, early detection and removal is the best medicine when dealing with Conficker.

You may be infected if your computer begins:

•Locking you out of user accounts
•Creating and scheduling tasks on your system.
•Denying you access to files.
•Disabling your browser from visiting security sites.
•Showing signs of slow local area network or internet connections.

After detection, removing Conficker Worm with a free tool such as X-Wire Technology's Tizer Conficker Razor™ is the next step.

Tizer Conficker Razor™ successfully removes all variants of the Conficker worm and Conficker-type malware because it uses heuristic and behavioral analysis for detection and a newly developed proprietary driver-based tool for removal.

“This method of detection and removal is much more reliable than the outdated technology of using malware signatures in the database to detect the threat,” says Sonkar. “Because the worm spreads different variants of itself, a signature-based tool may not be reliable for detection of every variant.”

--- X-Wire Technology