Windows Virus warning: Seriously. Not a joke in any way.

Mar 26, 2009 02:07

If you run a Windows machine with ANY browser- not just Internet Explorer- and you can read this post, but you cannot get to www.windowsupdate.com, or GRIsoft.com (home of AVG antivirus), or Trend Micro, or Sophos, McAfee or Kaspersky or any other antivirus site, assume you are already infected with Conficker. Take your computer offline and seek
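
The post's rule of thumb (ordinary sites load, update and antivirus sites do not) written as a small check; this is an added example, not part of the original post. The control hosts, the vendor hostnames beyond the two the post names, and the 80% threshold are assumptions.

```python
import socket

# The first two hostnames are named in the post; the rest are the vendors'
# public sites, filled in here as assumptions.
BLOCKED_CANDIDATES = [
    "www.windowsupdate.com", "grisoft.com", "www.trendmicro.com",
    "www.sophos.com", "www.mcafee.com", "www.kaspersky.com",
]
# Assumed "neutral" sites standing in for "you can read this post".
CONTROL_HOSTS = ["example.com", "www.livejournal.com"]


def system_resolves(host):
    """Default probe: True if the OS resolver returns any address for host."""
    try:
        return bool(socket.getaddrinfo(host, 443))
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def classify(resolves=system_resolves, candidates=BLOCKED_CANDIDATES,
             controls=CONTROL_HOSTS, threshold=0.8):
    """Return (verdict, failed_hosts) using the post's heuristic.

    inconclusive: no control host resolves, so this is an ordinary outage
    suspect:      controls work but >= threshold of security sites fail
    partial:      controls work and only some security sites fail
    clear:        everything resolves
    """
    if not any(resolves(h) for h in controls):
        return "inconclusive", []
    failed = [h for h in candidates if not resolves(h)]
    if len(failed) / len(candidates) >= threshold:
        return "suspect", failed
    if failed:
        return "partial", failed
    return "clear", []


if __name__ == "__main__":
    verdict, failed = classify()
    print(verdict, failed)
```

A "suspect" verdict is a reason to take the machine offline and scan it from known-clean media, not proof of infection; a filtering proxy or DNS policy can produce the same pattern.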

randomdreams March 25 2009, 13:23:13 UTC
linux ftw?

danjite March 25 2009, 13:25:32 UTC
Well, yes, and OSX, too.

Except that a potentially 100,000,000 computer botnet going all out could really- really- screw with my internet access.

Think of the lost tweets, man!

unixronin March 25 2009, 14:07:52 UTC
Exactly. Even assuming no new infections, consider the potential of a 12-million-computer simultaneous distributed denial-of-service attack against ALL OF the DNS root nameservers.

By the way, for anyone already infected, I have mirrored a number of the Conficker worm removal tools at my domain, which is not subject to Conficker's access blocking of antivirus sites.

danjite March 25 2009, 14:12:55 UTC
I did just before I sent e-mail out to the 100-or-so older folks who don't read my social media posts.

Oh, did I!

I am in NZ, don't forget. ALL my data is coming from one of three thin pipes. As to where those pipes are connected at the other end.... sheesh.

People don't get this stuff. I don't even get this stuff anymore- I hung up my guns ten years back, but I know enough to know I don't know and to trust others who do.

and to bloody repost.

danjite March 25 2009, 14:34:15 UTC
You have earned this.

cymrullewes March 25 2009, 15:10:07 UTC
That was so cool! I wanna be that cool when I get that old. (I've got about 50 years to figure it out.)

Off-topic, could you get someone to introduce me to Bryan Adams? I want to ask him a question about his WareHouse Studio historic renovation, namely, why did he turn the building next door into a shell for parking instead of installing a vent system and having the second floor be a basketball court and the roof being a mini-golf course. I mean, if you're going to renovate so much so that it's a shell when you're done, why not go whole hog and get everything? Yes, I know, the answer is money.

hairygeeknz March 25 2009, 20:54:58 UTC
The global root servers have been hit with that sort of load before. It won't topple them. The best effort so far was, depending on where you were, 7/13 were out. But that's slightly misleading, because it's not really 13 machines. And it wasn't 7 of them out. And nowhere near the impact people imagine it has. But that's a longer explanation.

Also, it's far too much effort for a simple DDoS against the root servers. There's nothing much to be gained from that. These guys are putting in way too much effort (eg, digital signatures on payload updates, that's a big step up from any previous worm), it's far more likely to be something more interesting.

But we shall see :)

unixronin March 25 2009, 21:16:23 UTC
> Also, it's far too much effort for a simple DDoS against the root servers. There's nothing much to be gained from that.

Yes. I wasn't suggesting that was the actual goal, just tossing it out as an example. I agree, no-one as clever as the authors of Conficker obviously are goes to this much trouble to build a 12-million-machine botnet just to throw it away on something as basically stupid and pointless as DDoSing the root servers.

> These guys are putting in way too much effort (eg, digital signatures on payload updates, that's a big step up from any previous worm), it's far more likely to be something more interesting.

Exactly. I admit to more than a little trepidation as to what they may have in mind. But whatever it is, my bet is we're not going to like it.

richdrich March 25 2009, 21:21:30 UTC
Maybe Coca Cola are going to send spam to the whole world offering a free can at their nearest store.

(If I had a botnet, I'd send everyone emails saying they'd won a free airline ticket and enclosing a highly convincing fake airline boarding pass, complete with barcode and shit. Thus closing down air travel as people front the airports with the fakes and have to be differentiated from the real passengers).

randomdreams March 26 2009, 04:14:41 UTC
If you could pull that off, I'd consider being part of your botnet.
