Confirmed: Conficker Awakens

Dr. Roy Schestowitz

2009-04-01 09:40:40 UTC
Modified: 2009-04-01 09:40:40 UTC

Summary: Boycott Novell goes offline as Conficker goes up

IT IS tempting to say that our one-hour downtime this morning was caused by a DDOS attack related to Conficker, but we don't know this yet. In any event, while investigation continues (and hopefully this won't recur), here are our latest Conficker picks. The current news confirms that it was no hoax.

● Conficker: GNU/Linux's way to mainstream

I personally hope that the Conficker/Downup/Downadup/Kido computer worm — that surfaced in October 2008 and targets the Microsoft Windows operating system, that activates on April 1st — shows Windows users just how insecure the Windows operating system is, and how slow Microsoft is to react to it, and “patch” it.

The Windows operating system has always been insecure — and I don’t mean as in self-esteem, although :b

● Letter from a CIO: why Conficker won't hurt our company

You know a virus is making it in the news when your network’s users start asking you about it (instead of the latest round of "good news virus" hoaxes.) It's prudent for those in technical leadership roles to send out encouraging messages why nobody need panic. Here’s a template e-mail you can copy-and-paste, with versions for Windows, Linux and Mac infrastructures!

[...]

Dear all,

You may have heard about a super-virus which is being discussed in the mainstream media. Some have asked me about this and I appreciate their concern for the safety of our data and systems.

I'd like to take this opportunity to give assurance to everyone that Initech takes seriously the integrity and security of its information.

This is the reason why we use the Linux operating system exclusively, for our servers and desktop and laptop computers. It is impervious to this latest virus threat which, like every other one, affects inferior systems running Microsoft Windows.

This virus threat will not – and in fact can not – infect any of our computing devices and tomorrow will be business as usual.

Your home computers may not necessarily be so safe. Consequently, you might like to take this opportunity to consider installing Ubuntu Linux instead.

Have a great day!

● Repeat after me: Conficker is a Windows virus

Why does the general media - and quite often the tech media too - avoid naming the culprit? Is it because they are afraid of offending Microsoft? Or is it plain ignorance?

If you leave Swiss cheese lying around your pantry, can you blame mice for wanting to creep in and eat it at night?

● It’s raining free Conficker protection: get it now!

The dreaded Conficker worm is constantly in the news these days, with consumers and businesses worldwide now bracing themselves for another expected attack from the malicious worm predicted to sweep the Internet on April Fool’s Day tomorrow.

● Scareware scammers latch onto Conficker hype

Scammers are taking advantage of the huge interest in the impending "activation" of the Conficker superworm by poisoning search engine results.

● How will the April Fools' computer worm affect you?

Conficker.c is a worm, a malicious program thought to have already infected between 5 million and 10 million computers.

Those infections haven't spawned many symptoms, but on April 1 a master computer is scheduled to gain control of these zombie machines, said Don DeBolt, director of threat research for CA, a New York-based IT and software company.

● Busted! Conficker's tell-tale heart uncovered

Security experts have made a breakthrough in their five-month battle against the Conficker worm, with the discovery that the malware leaves a fingerprint on infected machines that is easy to detect using a variety of off-the-shelf network scanners.

● 53 Pages, 10 Months, 1295 Infected Hosts, 103 Countries, And They Still Can't Say "Windows Malware" (related but not the same)

"Vast Spy System Loots Computers in 103 Countries"-- sounds promising, right? In the New York Times, no less, so it should be good. Well, no, I was rather disappointed at yet another security analysis that left out vital information-- which operating systems and applications were vulnerable. If it were Linux or Mac do you think they would be so tight-lipped? Why is the Dalai Lama running Windows?

● Counting down to Conficker

"No one knows who controls Conficker, so it could be controlled by terrorists," he writes. "It could also be controlled by the kid who played Urkel on 'Family Matters.' "

If our Web site becomes inaccessible due to load -- as it did one hour ago -- then the above should come to mind. ⬆

Comments

JohnD

2009-04-01 11:43:55

Maybe it was actually Dan working from behind his red curtain at Novell..... Sorry Dan it's 4/1 and I couldn't resist. For the record - I don't think Dan had anything to do with the site issues this morning. Of course I did mention that it's 4/1 - oh well. Hope everyone has a Confickr free day.

Roy Schestowitz

2009-04-01 11:47:02

In the IRC channel, I hear about people having sporadic issues with networks and services.
Dan O'Brian

2009-04-01 12:47:22

JohnD: No offense taken ;-)

I'm not sure why there's got to be a conspiracy theory surrounding Conficker DDOSing this site, seems highly unlikely (especially considering all the times this site has gone down over the past month or two).

JohnD

2009-04-01 15:44:52

I'm sorry I'm just in "that" kind of mood today. It really is Novell trying to insert patented code into the site via Conficker so they can then sue Roy et al for patent infringement. Oh btw Tom tom is in on it too now that they have settled with M$. I'll post more later, my tin foil hat is slipping off and I think I hear black choppers coming for me.

JohnD

2009-04-01 11:58:29

So far no calls, guess I'm doing my job. NOD32 everyone - it works.

Roy Schestowitz

2009-04-01 12:05:05

"It’s definitely serious," says Symantec's Kevin Haley (via Boston Herald). A Google search for "conficker" brings back about 3,510,000 results. --WPN

Gentoo User

2009-04-01 17:42:52

Someone from Symantec says this is serious business and the number of Google hits? That definitely should take attention away from the fact that you've been calling this wrong for a month. Good job, I'm sold.

Ian

2009-04-01 18:54:54

John,

I've heard good things about NOD32 as well. We went with Sophos when it was time to re-up. We never considering Norton or Mcafee.

Ian

2009-04-01 18:55:11

considering=considered
JohnD

2009-04-01 19:08:01

I've hated McAfee since it started. Norton used to be my favorite but in recent years it's become bloated and slow. And it doesn't get rid of spyware worth a hoot. Nod32 is FAST. I can play COH with it running with little lag. Scan times are low and it does a great job of getting spyware in addition to viruses. Haven't had a problem with it at any of my clients so far and I got a guy I team with to start using it as well - he too is impressed.

GNU/Linux Measured at All-Time High in Sweden: Can 'influencers' have played a role
GNU/Linux Becoming More Universal: It seems likely the end of Vista 10 coinciding with a sharp rise in memory prices (and now energy prices) will benefit GNU/Linux and therefore give us more to write about
Can Economies Like the American One Hang On?: The coming weeks will be "interesting" unless wars end
SLAPP Censorship - Part 32 Out of 200: Garrett Made Spurious Requests (Later Withdrawn) the Same Week Someone He Later Spoke to by E-mail Sent Threats to Our Webhost: The "plot thickens" because there's a multi-party tag-team act, as confirmed by Garrett after he had sworn on the Bible
IBM is a Dying Company, Nowadays It Kills Red Hat With Slop: when your last day is a national holiday in IBM's country
"Independence Drives" and Community-Run Sites: Independence in reporting is a much-valued trait
When Charlatans Are Only Good at Losing Money and Storytelling (e.g. About Investment in Them): Wait till a a barrel of oil costs $300
What Apple Fans Are Missing: Apple is a bad company
The "Pale Blue Dot" Moment Had Returned: To many people, the "bitter-sweet" observation of how small we are
Saudi Arabia Does Not Rely Much on Microsoft/Windows: Putting aside politics, this is good for Free software
Almost 12 Years of Exposing Corruption in Europe's Second-Largest Institution: The "unready" President is now an abandoned President
Easter Moon Mission and Its Reminder of IBM's Demise: A lot of NASA operations now rely on GNU/Linux
When Power is Scarce and GNU/Linux Has Power: In Cuba, GNU/Linux has long enjoyed high adoption rates
Don't Totally Dismiss the 'Survivalists': 'Survivalists' or similar terms are used to describe a particular mindset of people who prepare for some really awful scenarios
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 02, 2026: IRC logs for Thursday, April 02, 2026
A Much Better Use of Fuel Than Slop: Something positive for a change
Hoping for Peace: There are still many things to be enjoyed, including nature and kind people
Gemini Links 03/04/2026: "Slide Rule Triple Multiplication" and End of "Picture Pages": Links for the day
Rumours of Microsoft Layoffs This Season: Just how much trouble is Microsoft in at this point?
SLAPP Censorship - Part 31 Out of 200: Speaking About 20+ Years of Alleged Harassment/Defamation and High-Profile 'Targets' of Garrett: attempts were made to settle (in effect end the case) by the person who started the case almost half a dozen times along the way
In Asia, Windows is in Its Teens (Below 20%): On a global scale, Windows is down to about 26%
Low Morale at IBM and Perception of Destructive Management: IBM is going nowhere, fast
Gemini Links 02/04/2026: Super Mario Galaxy Movie and New Antenna Instance: Links for the day
It Seems Like Google News Cracked Down on (Omitted, Delisted) a Lot of Slopfarms: There's no justification/point in spending so much energy just to plagiarise things poorly
Steam Survey for Last Month Says 5.33% Use GNU/Linux: big leap for GNU/Linux
Links 02/04/2026: Science News, Energy Scarcity, Oil Sold in Yuan: Links for the day
Links 02/04/2026: Apple Turns 50, Efforts To Ban VPNs: Links for the day
Gemini Links 02/04/2026: Kubernetes With FreeBSD, OFFLFIRSOCH, and Great Circle Distance: Links for the day
Dr. Andy Farnell on Microsoft Silencing or Deplatforming Opposition in the UK and Elsewhere: Microsoft as a king or a kind of "religion" one cannot question
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 01, 2026: IRC logs for Wednesday, April 01, 2026
SLAPP Censorship - Part 30 Out of 200: The Time We Reported Abuse to Greater Manchester Police (GMP) and It Was Escalated to Its Cybercrime Unit: he started trolling and harassing me for criticising his employers' monopolistic and users-hostile agenda
'Modern' Cars Not a Rosy Industry: The current "modern" cars already have a shelf life similar to that of many toothpastes
Wrongthink Detector and Filter in "Think About the Children" Clothing: It is not about "age verification", it's a Trojan horse for social control
IBM Facilities Now Deemed Legitimate (Military) Target, Along With GAFAM Bases: Does IBM have any defences in place to protect against "downtime by explosions"?
What Happens When Some Large News Sites Turn to Slop and Spew Out Nonsense: LLM slop makes such grotesque mistakes abundant
Hardly Seeing Slopfarms Today, Even in Google News: Google's adventures with slop increased its debt significantly
Links 01/04/2026: Quantum Hype (Turing and Google), "US Fuel Prices Surge Past $4 a Gallon": Links for the day
Gemini Links 01/04/2026: "Sacred Week of Cycling" and Zenity for Scripts: Links for the day
Losing Debian: Sruthi Chandran election flop: Reprinted with permission from Daniel Pocock
French judgment: parasitisme by FSFE & Matthias Kirschner (CO23.002709): Reprinted with permission from Daniel Pocock
Microsoft Uses April Fools to 'Joke' About Inserting "Age Verification" (Surveillance) Into Linux: MinceR says the "lkml [message/page] one is April Fools or at least they're trying to pass it off as April Fools [however] the [GitHub] one was archived on the 8th and yesterday, so that probably isn't..."
IBM "Headcount Reductions" by Early Retirement and Death: The tragedy at IBM started 33 years ago on the first of April
Red Hat: Latin-1 character set under threat from Bishop Michael Martin, North Carolina: Reprinted with permission from Daniel Pocock
Links 01/04/2026: Microsoft GitHub Now Pushing Ads Into People's Code/Commits, Earth Overshoot Day Draws Nearer: Links for the day
What IBM and EPO Workers Have in Common: European Media Not Covering Very Major News (Press Became Dysfunctional): Are IBM operatives working to scuttle the process of investigative journalism?
Free Speech in the United Kingdom When "Chilling Effect" is Increasingly Prevalent: If politicians cannot even use a term like "parasitic behaviour", then where do we as a society end up?
Oracle Lays Off Because of Debt and Commercial Issues, Not Slop: Like Scam Altman, Larry Ellison hangs around Cheeto King because he could use some bailouts in the form of government contracts or phony money with an incredible name like "Stargate"
The Real Reason Many Sites and Forums Shun Microsoft Lunduke: When forums say that they banned Microsoft Lunduke or don't want him mentioned it's probably because they are familiar with the "stench" that follows him around
Gemini Links 01/04/2026: Hallucinations, Stitching, and Type Systems: Links for the day
Lots of Layoffs at IBM, "Media Blackout" About Mass Layoffs at IBM's HashiCorp and Confluent Last Month: IBM is a dying company circling down the drain while manipulating or paying the media to pretend everything is fine
Microsoft Under Investigation by the UK's Competition and Markets Authority (CMA) for Abusive Tactics: What's noteworthy is that this is "set to begin in May"
Sounds Like Red Hat (IBM) Layoffs in Slop Clothing: This is an IBM policy. They try to justify staff cuts.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 31, 2026: IRC logs for Tuesday, March 31, 2026

Confirmed: Conficker Awakens

Comments

Recent Techrights' Posts