http://tech.yahoo.com/blogs/null/128...-come-april-1/
How exactly is this thing going to strike? Visiting an infected website?
Developer for Ancient Empires Elysium and Das Heilige Römische Reich
Creator of Barons Alliance Mod, Der Deutsche Ritterorden Mod, and Kingdoms Unpackers for Gold Edition
No offense to you personally, but why are you so concerned about security, SPQR? I noticed all you talk about (usually) is PC security and seem to have no problem sacrificing performance and convenience for it.
I honestly don't care about the latest threats, I use my Router & Windows Firewall, Mozilla Firefox, get all the latest updates, use NoScript addon for Firefox, etc. I basically have a good defense and will install my scanners once in a while and then uninstall them. I also disable a lot of services that are a security risk (such as Remote Registry)
Anyways, interesting news. +rep for the notice.
Last edited by Strelok; March 25, 2009 at 01:48 PM.
1. Last time I checked you always liked AVG8, that's "crap" enough for me. I wasn't making a personal attack anyways.
2. So what if you didn't "ask" me, I just said it as a comment, do you look at Tw Center Basement subforum, make a topic and say "I didn't ask to talk about technology"? Of course you don't.
3. No answer for you. At least I gave you rep!
Last edited by Strelok; March 25, 2009 at 08:20 PM.
Ever since I read this article it has me paranoid, I hate thethat made it. I don't see the point, and I most definitely never will.
"I have only two regrets: I didn't shoot Henry Clay and I didn't hang John C. Calhoun."- Andrew Jackson
1. I don't use AVG8. I use AVG8.5. It is somewhat better.
2. True. I'll give you that.
3. Thanks! I love rep!
You're not the only one. This is the only thing I could find on it, but I still don't know how it will strike. If it has more ways than just infecting you by visiting a bad website, this is going to be the major craps. I strongly recommend you get one of the following removal tools just in case.
BTW, I would love to know who wrote this worm because then M$ would give me the $250,000 bounty.
Just when you might have thought it was safe to start using USB flash drives at work again, the third, and by all accounts, most fiendish version of the Conficker worm that's infected millions of PCs already is set to attack on April 1st, Ars Technica reports. Conficker.C's designed to hide itself even more thoroughly than its older siblings Conficker.A and Conficker.B, using tricks such as:
- Inserting itself into as many as five Windows-related folders such as System, Movie Maker, Internet Explorer, and others (under a random name, of course)
- Creating access control entries and locking the file(s)
- Registers dummy services using a "one (name) from column A, one from column B, and two from column C" method
To find out what happens when Conficker.C strikes, join us after the jump.
Conficker.C's payload makes it harder than ever to recover from being infected:
- Deactivates Windows Security Center notifications
- Prevents restart in Safe Mode
- Prevents Windows Defender from running at system startup
- Deletes all system restore points
- Disables various error-reporting and security services
- Terminates over twenty security-related processes
- Blocks DNS queries
- Blocks access to security and antivirus websites
- And, to top it all off, Conficker.C can choose from a list of 500 domains to contact out of a pool of 50,000 (way up from Conficker.B's 32 out of 250).
See the Win32/Conficker.C writeup at CA's website for complete technical details.
Microsoft, Panda Software, Symantec, and McAfee are just a few of the vendors that have now updated their threat encyclopedias to include Conficker.C (it's sometimes listed as Conficker.B++). Since Conficker.B and the new Conficker.C are designed to block access to antivirus websites, you might want to download removal tools now - just in case. You can get one developed by BitDefender from the Downadup.org website (Downadup is the alternative name for Conficker); however, keep in mind that ArsTechnica isn't certain if it will remove Conficker.C (it will remove older versions).
Naturally, prevention's way better than curing a nasty worm outbreak. To learn more about preventing infections, and for links to additional removal tools, see our previous Conficker articles
Wouldn't a simple reformat fix everything? Jeez.
>>>>> METAL BLOGGGGGGGG <<<<<
I <3 Student Loans
EVGA GTX580 1.5GB GPU
AMD Phenom II 955BE C3 3.2GHz @ 19c idle
16GB G.skill 1600MHz RAM DDR3
Corsair Force 3 60GB SSD, 150GB Velociraptor, 2x2TB Storage Drives
Corsair TX650W PSU
Asus 2x24" Vertical Monitors + 1 Sony EX500 46" LCD TV
Corsair Obsidian 800D
Bell FiberOP Internet 70mbps DOWN 30mbps UP
According to the various security alerts, the virus can take advantage of bugs in file sharing, removable drives, or weak administrator passwords. It doesn't seem to use websites as an attack vector.
The point is that most people aren't going to notice and do that. There's currently a network of infected machines numbering in probably the tens of thousands, which can be used by their (unknown, criminal) controllers to do whatever they want. They could take down major websites for pay, mine and sell vast amounts of private data, or do a huge amount of gratuitous damage by just wiping everyone's drives. On April 1 it's going to download an update, and nobody knows what it will do. This isn't your average stupid adware infection, it's very serious and professional malicious code that's created a very large botnet in a quite short time.
"According to the various security alerts, the virus can take advantage of bugs in file sharing, removable drives, or weak administrator passwords. It doesn't seem to use websites as an attack vector."
I have none of those 3! All file sharing capabilities disabled, no removable drives and a strong administrator password!
"There's currently a network of infected machines numbering in probably the tens of thousands, which can be used by their (unknown, criminal) controllers to do whatever they want"
He was more talking about the power/standard user who just likes to dick around and do stuff and has no problem reinstalling all his stuff. Wheelchair does have a point, people care about security a little bit too much. If you have very sensitive data (child rape, nuclear launch codes) I think you would be concerned. If the reliability of your computer decides the fate of your company, then yes, but if you're just messin' around all day then there's little need to worry.
Is it possible that it can be sitting in your BIOS? I'm thinking of wiping my HDD and re-flashing my BIOS clean and not using my PC on April 1st. After doing some more research, I'm worried.
I guess I'll wipe all my flash drives & HDDs and my SSD, including BIOS and install Ubuntu for the day
There's so many ways that I would know if it disabled stuff, especially UAC, I doubt I will be too affected. I also have many services disabled that are general security risks (such as Server)
Last edited by Strelok; March 27, 2009 at 01:42 AM.
The problem is that your computer can still be used to attack others in botnets, send out e-mail spam, and other malicious things. Compromised computers hurt everyone, not just their owners.
No, this virus doesn't do that. Some have been demoed that do, but my understanding is it's fairly hard due to the heterogeneity of motherboards. Windows is a very homogeneous target, by design.
So what exactly is your opinion on staying protected from this Sim?
OPEN BATTLEFIELD CAPTURE POINTS AND IMPACT PUFFS HAVE GOT TO GO!
REVERT INFANTRY THROWING PILAE TO ROME TW'S SYSTEM AS IT WAS PERFECT!
Mobo: GA-P35-S3, CPU: Intel Core 2 Quad Q8400 2.66Ghz, GPU: AMD HD 6850 1GB, RAM: 4.Gb Corsair DDR2, Sound: Audigy 4, O/S: Windows 7 64bit Home Premium
"The entire French navy airforce, RAF, and Royal Navy were immobilized for about a week from its weaker sibling ConfickerB, and you think I shouldn't be worried?"
Just about every scanner out there should have the definition update for Conficker.C. Run a deep scan with whatever you pick and you are basically in the clear. If you really are concerned, format all of your drives and then if you still feel unsafe, install a Linux distro since this is a Windows only worm.
"That is the most ridiculous crap I've ever heard."
Explain how it's ridiculous.
Bingo!
It is not hysteria. The botnet is probably millions strong. It puts a tremendous amount of power in the hands of criminals. Your computer might not get infected, but that's not the point. We're probably talking about the ability to disable entire countries' Internet access by DDoS. Not big countries like the US or China, but entire countries nonetheless. And these people are almost certainly selling usage rights to the highest bidder. We can only hope that they'll be content with just installing malware and taking down a few unimportant websites instead of causing some real havoc ― they could probably cause billions of dollars' worth of damages.
Attention from experts will only blow over if the botnet dies, like if all its users reinstall or upgrade Windows. The media, of course, is fickle about this kind of thing, but security researchers pay close attention to large botnets as long as they exist, with good reason.