Confiker virus quiet on deadline day, but threat remains
San Francisco - Confiker, the April Fool's worm, began contacting pre-designated websites for instructions on Wednesday, and while no malicious instructions had been downloaded, security researchers warned that the virus could still wreak havoc at any time.
"It's like a loaded gun that could go off anytime," said Patrik Runald, chief security advisor of technology security firm F-Secure.
The virus allows its creators to take control of the machines and was programmed to start contacting a random selection of 500 of 50,000 new websites on Wednesday.
"Infected machines are now actively reaching out but there's nothing there," Runald said. "But just because nothing has happened so far doesn't mean the danger is over."
Researchers feared that the websites would upload new instructions to the infected computers that could turn them into a botnet, which would launch coordinated attacks flooding inboxes with spam and crippling internet sites.
Another danger, according to Runald, was that the computers would be programmed to steal users' sensitive data such as passwords and credit card numbers.
Runald told dpa, the German news agency, that researchers still had no real indication who was behind the worm. But he said that a coalition of security organizations, the Conficker Working Group, had succeeded in cutting down the number of infected computers from 10 million at the start of the year to between 1 million and 2 million now.
Runald advised people who suspected that their computers are infected to check confickerworkinggroup. org where a variety of free tools are available to identify and neutralize the Conficker virus. He warned against searching the internet for such tools, since many of the results offered on popular sites such as Google are in fact malware that can infect computers with other viruses.
Despite the success in reducing the number of infected computers Runald said that researchers were still in the dark about the virus.
"We are not even close to identifying who is behind the virus. There is no indication of who they are or what their motive is," he said. "We don't know why they are developing something so sophisticated and they are not even trying to make money from it." (dpa)