So, for example, if you're sharing your files or folders, it can go that way.Īlso, it can replicate itself on USB devices. But the bottom line is it's similar to other worms in that it replicates itself across networks, across what are called network shares. So, it's Kido, it's Downadup, different names. And sometimes different labs give it different names. MAGID: I think what happens is that when the virus labs find it, they give it a name. Do you? That's a good question.ĬONAN: It's also referred to as the Upadek(ph).
MAGID: Oy, I was afraid you'd ask me that. But the good guys have a lot of resources as well, which is one of the reasons I think we're going to be reasonably prepared for this.ĬONAN: What does Conficker stand for anyway? So it's very clever in terms of trying to fool the good guys. Well, then it came up with another 50,000. And the security research began to buy up those domains to make sure it couldn't happen. Initially, it had 500 or so domains in it, the places that it would phone home, so to speak. It's figured out ways, for example, to fool some of the security researchers. But on April 1st, it could get new instructions. But it doesn't, as far as we know, steal passwords or do any damage. It replicates itself, and that by itself is annoying because it can slow down networks. It can get instructions, because right now, the worm has no payload. And by the way, the reason why we're concerned about April 1st is because when people looked at the code, they found something in there that says it will phone home, so to speak. If anything, if there is a big threat - and I think there's always a threat, I mean, in a sense, this reminds us that we always have to worry about it - it's going to unfold over the coming weeks and months, not over the next day or 24 to 36 hours.ĬONAN: Yet a lot of people who've looked into it say this is the most devious, cleverest worm they've ever seen. And they're not going to do it all at once. These are people who have a financial motive, and their goal is not to do something splashy, but to grab passwords or perhaps to turn your and my computer into a spammer, a spambot as they call it. In fact, I'm quite sure we won't, because even if this worm were very effective, there's no reason why they'd want to shut down the Internet or do anything massive or show-offy tomorrow because these are not hackers that are doing it for fun. MAGID: I don't think we're going to see anything catastrophic tomorrow. MAGID: Yeah, I'm kind of looking forward to a day off. LARRY MAGID (Tech Analyst, CBS News, ): Nice to talk to you, too.ĬONAN: So, tomorrow should we all be concerned that the whole computer system across the country is going to freeze up? Larry Magid is with us now from his office in California. Email us: Or join the conversation on our Web site at npr.org. If you'd like to talk with him about the worm, if you work in computer security, give us a call: 80. Larry Magid is a tech analyst with CBS News and. And the malware contains a deadline of sorts tomorrow, which means, well, nobody really knows what it means. Estimates of the number of computers infected run from one to 12 million. By now, you've probably heard of the Conficker worm. This material may not be published, broadcast, rewritten or redistributed.Tomorrow is April 1st, and depending on who you believe, it'll be a grim day for the Internet or just another April Fools. "Every university member should be concerned about this if they're using Windows-based devices." "It can do a lot of bad things," Tueller said. Mindy Tueller of the university's office of information technology said all faculty and students should take steps to make sure they are protected. They were expected to work through the weekend to eradicate it from the system. Information technology staff shut of Internet access for up to six hours at some campus locations Friday so they could isolate the virus.
#Conflicker worm virus password#
Nelson said the virus is mainly attacking personal computers and could be siphoning login and password data, credit card numbers and banking information.ĭirections for purging the virus from personal computers and equipment like thumb drives, digital cameras and smart phones has been distributed to staff and students. "That's secured in a much deeper way because of the implications," he said. Nelson says patient data and medical records have not been compromised. By Friday, the virus had infiltrated computers at the hospitals, medical school, and colleges of nursing, pharmacy and health. University health sciences spokesman Chris Nelson said the outbreak of the Conficker worm, which can slow computers and steal personal information, was first detected Thursday.