The recent publication of “Worm: The First Digital World War” by Mark Bowden (“Black Hawk Down”) has renewed interest in the Conficker worm, an insidious piece of malware that can quietly take over your computer without your knowledge. There’s a lot of confusing information flying around the Internet about the worm, but here are a few facts you should know.
* Conficker is believed to have been injected into the Internet sometime in 2008. No one knows who wrote it, nor do we know what the worm’s objective is.
* The only known action Conficker has taken to date is to infect millions of PCs worldwide. No one knows exactly how many computers are infected, but estimates run in the 8-12 million range.
* Some have speculated that Conficker is working to set up the largest botnet to date. A botnet is a group of computers under the control of a single individual who can call upon them as a group to attack other networks and possibly even crash the Internet.
* Conficker only infects PCs running on Microsoft Windows. According to Bloomberg Business Week, the virus takes advantage of a “security breach” in the Windows software. It inserts itself into the computer’s operating system and repairs the breach so no other virus can take advantage of it.
* According to Bowden’s book, there is no known antidote for Conficker. It can successfully deflect any anti-virus software’s attempts to remove it. Business Week reports a group of experts known as the Cabal is working on a solution; Bloomberg colorfully dubbed them the “Justice League of Nerds.”
* Microsoft, whose experts headed the Cabal’s efforts, has a significantly less alarmist view of the worm. According to the company’s website, it’s unlikely that most PCs are infected because of a security release in October 2008 that protected against the worm. The same Microsoft security page provides detailed information on how to scan your computer for the worm, and insists that there is, in fact, a cure, a program called Microsoft Safety Scanner.
* There are lots of other worms out there setting up botnets. They can be more difficult to identify because they don’t cause immediate damage to the infected machine. Instead they lay dormant, awaiting the command to attack from their maker. A think tank called The Honey Net project was set up in 1999 to study these stealth worms. The website makes for great supplemental reading.