http://www.chron.com/disp/story.mpl/headline/biz/6354562.htmlConficker turns out to be ‘dud’
By DWIGHT SILVERMAN HOUSTON CHRONICLE
April 1, 2009, 8:31PM
Despite some predictions of an Internet meltdown and digital apocalypse, the Conficker computer worm failed to wreak havoc on Wednesday, with at least one security expert labeling it “a dud.”
The worm, also known as Downadup, was expected to change how it checked in with its creators, increasing the number of random Internet domains with which it communicates. Security researchers worried there would be new instructions waiting for the worm when it made this change on Wednesday, which was also April Fools’ Day.
But apparently, no one answered when Conficker phoned home.
“As predicted, Conficker has been a dud so far,” said security researcher Johannes Ullrich in a podcast posted at the SANS Internet Storm Center (
http://isc.sans.org), which tracks online threats. “We are now well beyond midnight Greenwich GMT, and no evidence of any ill effects so far.”
Most security experts had expected a non-event. But the fact that no one knew what instructions might be awaiting Conficker gave rise to speculative doomsday scenarios that rivaled those associated with the Y2K bug at the turn of the century.
Conficker is a worm that affects a flaw in Windows-based PCs. Microsoft issued an emergency patch in October for the flaw, and those users who installed the patch don’t have much to worry about. By default, Windows updates such patches automatically, but some people and businesses turn off auto-updating and are vulnerable.
Conficker infections are prevalent in Asia, where many copies of Windows are pirated and never updated. But large businesses and organizations that are slow to issue patches may also be vulnerable.
“The only people that have networks and who also don’t patch are government, corporates and education users,” Roger Thompson, chief research officer at antivirus software developer AVG, wrote on his blog at
http://thompson.blog.avg.com. “Fortunately, they’re also the folk that have staff with expertise that they can call on to fight back. The worm probably grabbed millions of users right out of the box in December 2008, but any gov/ corp/ edu user who is still infected after five months, deserves it.”