The latest variation of the destructive "Conficker" or "Downadup" computer worm is set to activate on April 1, sending cybersecurity experts and computer users scrambling to understand the threat and protect systems worldwide.
A Computerworld article offers some insight into the particular difficulty of combating this latest strain of the Conficker worm, which Computerworld calls "2009's biggest worm by a mile." According to Computerworld, "PCs infected with Conficker.c, the third version of the worm that first appeared late last year, will use a new communication scheme on April 1 to establish a link to the command-and-control servers operated by the hackers who seeded the malware." This hurry-up-and-wait dilemma makes it extremely difficult for security experts to understand the latest variant of Conficker and to predict what it will do once unleashed. But on March 30, Computerworld announced that researchers had discovered a flaw in the new version of the Conficker worm and had created a scanner that can quickly detect the presence of the worm on networks.
The New York Times 'Bits' Blog offers the following advice to computer users and businesses: "It is possible to detect and remove Conficker using commercial antivirus tools offered by many companies. However, the most recent version of the program has a significantly improved capacity to remove commercial antivirus software and to turn off Microsoft’s security update service. It can also block communications with Web services provided by security companies to update their products. It even systematically opens holes in firewalls in an effort to improve its communication with other infected computers."
In January 2009, the Conficker (or "Downadup") worm was estimated to have infected as many as one in every 16 personal computers, and compromised the security of 33 percent of computers and devices worldwide.