Conficker Worm (virus?) for Windows!

Jan 26, 2009 10:44

If any of your security or Windows Update software isn't functioning properly, or if you can't reach security-related web sites, you might want to read up on the Conficker/Downadup worm; it's a nasty one. If you're not showing any problems, you may want to disable Windows File Sharing (or leave it on at your own risk if certain programs need it).

You know it's bad when the NY Times writes a lengthy article about it. But the attention is warranted:

Alfred Huger, vice president of development at Symantec's security response division, said, "This is a really well-written worm." He said security companies were still racing to try to unlock all of its secrets. Unraveling the program has been particularly challenging because it comes with encryption mechanisms that hide its internal workings from those seeking to disable it.

. . .

The program uses an elaborate shell-game-style technique to permit someone to command it remotely. Each day it generates a new list of 250 domain names. Instructions from any one of these domain names would be obeyed. To control the botnet, an attacker would need only to register a single domain to send instructions to the botnet globally, greatly complicating the task of law enforcement and security companies trying to intervene and block the activation of the botnet.

Computer security researchers expect that within days or weeks the bot-herder who controls the programs will send out commands to force the botnet [possibly including your computer] to perform some as yet unknown illegal activity.

Several computer security firms said that although Conficker appeared to have been written from scratch, it had parallels to the work of a suspected Eastern European criminal gang that has profited by sending programs known as "scareware" to personal computers that seem to warn users of an infection and ask for credit card numbers to pay for bogus antivirus software that actually further infects their computer.

Microsoft has released a security update for it, so check Windows Update and install your updates! You should also update your antivirus software and run a full system scan.

If you're already infected and your antivirus software won't run, check Microsoft's (lengthy) support page about it.
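
For anyone watching a network rather than a single PC, here is an added example (not part of the original post or the quoted article): a machine working through a daily list of 250 generated names should, assuming most of that list is unregistered, produce far more failed lookups than normal browsing, so counting distinct failed lookups per client per day is one way to spot it. The log format, addresses, names and the threshold of 100 are constructed assumptions.

```python
import hashlib
from collections import defaultdict

def build_sample():
    """Constructed DNS log lines (not real traffic): date client name rcode."""
    lines = [f"2009-01-26 192.0.2.10 {n} NOERROR"
             for n in ("www.example.com", "mail.example.org", "update.example.net")]
    lines.append("2009-01-26 192.0.2.10 wwww.example.com NXDOMAIN")  # one typo
    # Second host walks a 250-name list; only one name has been registered.
    for i in range(250):
        label = hashlib.sha256(f"constructed-{i}".encode()).hexdigest()[:8]
        rcode = "NOERROR" if i == 137 else "NXDOMAIN"
        lines.append(f"2009-01-26 192.0.2.77 {label}{i:03d}.example {rcode}")
    return lines + lines[-5:]  # retries must not inflate the count

def failed_names(lines):
    """Map (date, client) -> set of distinct names answered NXDOMAIN."""
    seen = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:      # skip blank or malformed lines
            continue
        date, client, name, rcode = parts
        if rcode.upper() == "NXDOMAIN":
            seen[(date, client)].add(name.lower().rstrip("."))
    return seen

def flag_clients(lines, threshold=100):
    """Return (date, client, distinct_failed) for clients at or over threshold.

    threshold=100 is an assumed starting point, not a value from the article.
    """
    return sorted((d, c, len(names))
                  for (d, c), names in failed_names(lines).items()
                  if len(names) >= threshold)

if __name__ == "__main__":
    for date, client, count in flag_clients(build_sample()):
        print(f"{date} {client}: {count} distinct failed lookups, investigate")
```

A flagged client is a lead to investigate, not proof of infection; a misconfigured program can also generate many failed lookups.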
