[Excel Consulting Ltd.]

 


Security Alert

Conficker Worm

There has been a lot of noise about the "Conficker.C" virus in the media and in circulating emails.  I had several email questions about it on Friday, so I decided to post this security alert.  There is little cause for alarm if your PC security defences are up to date.  Besides, it's probably too late to worry about that anyway.  The real story here is not about the risk of infection, but what the legions of already infected systems will do on April 1, 2009 when they are unleashed by their authors.  They are expected to harvest their hosts and networks for personal information like credit card numbers and online banking passwords, and to attack financial institutions for financial gain.  Follow the guidelines below to reduce your risk of infection, and make sure that you are not part of the problem.

Here is a nice follow-up to all the recent media attention about the notorious Conficker.C worm, which is poised to accept instructions from underworld hackers about how to attack the Internet in what could be the biggest April Fools joke ever to hit the Internet.  Because this worm targets unprotected Windows systems that have not been updated to repair a known flaw, Microsoft is offering a $250,000 reward for information leading to the arrest and conviction of those responsible.

This story is rather alarming, but it really drives home the need to be cautious about where you surf on the Internet.  Conficker shows no visible symptoms and is reported to be very hard to isolate and remove, so make sure that you are all patched up and that your antivirus protection is working and up to date.

The Conficker Worm: What Happens Next?
60 Minutes: Computer Worm Could Receive New Instructions On April 1

CBC Newsworld - 60 Minutes - TV News Story

The Internet is Infected (13:08m)
 

Windows XP Critical Update KB958644

The most important thing to do to reduce your risk of getting hit by this nasty worm is to make sure that your Windows security updates are up to date.  Click on Start, All Programs, then run Windows Update and install all critical security updates that it finds.  To check whether you have the relevant patch [KB958644] installed on Windows 2000 or XP, go to the Control Panel and run Add/Remove Programs.  Make sure the option to display updates is checked at the top, then scroll down to the bottom and look for Security Update for Windows XP (KB958644).
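When there are several machines to check, the same KB958644 lookup can be scripted from one administrative workstation. This is an added example, not part of the original alert; the host names are constructed placeholders, and it assumes you have administrator rights on each machine and that remote WMI queries are allowed through its firewall.

```powershell
# Added example: audit several Windows hosts for the MS08-067 fix (KB958644).
# The host names are constructed placeholders; substitute your own inventory.
$computers = 'PC-FRONTDESK', 'PC-OFFICE2', 'SRV-FILES'
$kb = 'KB958644'

$report = foreach ($computer in $computers) {
    $status = 'MISSING'
    $installedOn = $null
    try {
        # List every installed update and filter locally, so that a failed
        # query (host down, access denied) ends up in the catch block instead
        # of being mistaken for a missing patch.
        $fix = Get-HotFix -ComputerName $computer -ErrorAction Stop |
            Where-Object { $_.HotFixID -eq $kb } |
            Select-Object -First 1
        if ($fix) {
            $status = 'Patched'
            $installedOn = $fix.InstalledOn
        }
    }
    catch {
        $status = 'Unreachable: ' + $_.Exception.Message
    }
    [pscustomobject]@{
        Computer    = $computer
        Status      = $status
        InstalledOn = $installedOn
    }
}

# Show unpatched and unreachable machines first: they are the weakest links.
$report | Sort-Object { $_.Status -eq 'Patched' }, Computer | Format-Table -AutoSize
```

A machine reported as unreachable has not been verified either way, so check it by hand using the Add/Remove Programs steps above.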

If you can't verify that the critical update KB958644 for vulnerability MS08-067 is installed on your system, then you can download and install it manually from these links:

Windows 2000

  KB958644 Download Fix for Windows 2000

Windows XP

  KB958644 Download Fix for Windows XP

Windows Server 2003

  KB958644 Download Fix for Windows Server 2003
 

If I Am Protected from Infection Why Is This Such A Big Deal?

Even though the risk of infection is minimal for computers that have installed the latest Microsoft security updates, experts predict that there are potentially millions of computers around the globe that are not protected, and many of these are quite likely infected.
Conficker.C is a very sophisticated virus that is able to organize these infected computers into an army that can be remotely controlled by the writers of the virus.  A network of this magnitude creates an army of computing power that can be used for any number of malicious purposes, from harvesting personal and financial information to performing online attacks such as a denial of service on large corporations.

We know that the infected machines have been sent instructions to perform some kind of malicious action on April 1st, but no one knows exactly what that might be.
This is a theoretical danger: that a large group of infected computers can be used to perform some kind of attack.  There is nothing that we can do to prevent that.  The trap is set, and we will have to wait and see what form the April Fools joke will take.

Conficker.C is classed as a worm because of how it spreads.  It exploits vulnerability MS08-067 [follow this link to Microsoft to learn more], which allows it to load directly into an unpatched computer by taking advantage of a design flaw in the Windows networking software, with no human interaction.  Once it gets in, it will disable your antivirus and block access to security update sites.  It will further diminish the security of computers with weak passwords.  Additionally, it can spread through network shares and removable drives like [USB Flash Drives].

Conficker.C, the third variant of a self-spreading family of worms, was first detected on December 31, 2008.  The first version, Conficker.A, was first discovered in October 2008.  It affects all versions of Windows from Win98 through Server 2008.  It waits patiently on infected systems until certain dates pass before it takes action.  After January 1, 2009, it began to download reinforcements from a certain website to the affected computer.  It is estimated that there are already several million infected systems out there that will experience major havoc on April 1, 2009.  Hopefully, you won't experience this first hand!

What You Can Do to Reduce Risks

You can greatly reduce your risk of getting this infection by doing these six steps on all computers in your home or office.  Remember that you are only as safe as the weakest link in your network, so check all of your systems.

1)     Make sure that you have Windows XP Critical Update KB958644 installed on your system.

2)     Verify the three main settings in the Windows Security Center in the Control Panel:

2.1)  Windows Firewall is turned on and working.

2.2)  Windows Automatic Updates are turned on.

2.3)  Anti-Virus Protection is installed, working and up-to-date.  [full colour AVG Icon in System Tray].

3)      Practice Safe Surfing Techniques - Don't trust any websites, even if they appear to be legitimate.

3.1)    Never open any unknown or unexpected email attachments, even from someone that you know.

3.2)    Never download free software games, screen savers, tools, or software of any kind unless you are certain that they are from well known, well established, websites from reputable companies.
 
3.3)    Never click anywhere on any pop-up windows that offer to speed up your Internet or scan for and remove unwanted software.  Those pop-ups are often the viruses themselves, with the whole window acting as one big button that says "take me, I'm yours" -- if you click anywhere on them, even the [X] or Cancel button, you give them permission to download and install onto your PC.  Instead, press Control-Alt-Delete [at the same time] and then use the Windows Task Manager to terminate the pop-up window.

4)      Always use strong passwords for all of your system, network, and email accounts.  Strong passwords are more difficult to guess, have at least 8 characters, and include characters from at least three of the following four categories: [Upper Case, Lower Case, Digits, Punctuation].  For example: "My-T0p.40"
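The password rule in step 4 can be expressed as a small check. This is an added example, not part of the original alert; the function name Test-PasswordRule and the sample passwords other than "My-T0p.40" are made up for illustration, and "Punctuation" is taken to mean any character that is not a letter, digit or whitespace.

```powershell
# Added example: test a password against the rule in step 4
# (at least 8 characters, drawn from at least three of four categories).
function Test-PasswordRule {
    param(
        [Parameter(Mandatory = $true)]
        [AllowEmptyString()]
        [string]$Password
    )

    # The four categories from step 4. -cmatch is the case-sensitive match
    # operator; the default -match would treat [A-Z] and [a-z] as the same.
    $categories = [ordered]@{
        'Upper Case'  = '[A-Z]'
        'Lower Case'  = '[a-z]'
        'Digits'      = '[0-9]'
        'Punctuation' = '[^A-Za-z0-9\s]'   # assumption: anything else but whitespace
    }

    $found = @($categories.Keys | Where-Object { $Password -cmatch $categories[$_] })

    [pscustomobject]@{
        Length     = $Password.Length
        Categories = $found -join ', '
        Passes     = ($Password.Length -ge 8) -and ($found.Count -ge 3)
    }
}

# "My-T0p.40" is the example from step 4; the other two are constructed samples.
'My-T0p.40', 'password', 'abc-123' |
    ForEach-Object { Test-PasswordRule -Password $_ } |
    Format-Table -AutoSize
```

The rule checks length and character mix only, so a password that passes it can still be a poor choice if it is a common word or a name with a year attached.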


Computer Worm vs. a Virus              
 Wikipedia Worm Definition

A computer worm is a self-replicating computer program.  It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause at least some harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
 

Copyright © 2008  Excel Consulting Ltd.
Last modified: April 11, 2008