Register for an account

X

Enter your name and email address below.

Your email address is used to log in and will not be shared or sold. Read our privacy policy.

X

Website access code

Enter your access code into the form field below.

If you are a Zinio, Nook, Kindle, Apple, or Google Play subscriber, you can enter your website access code to gain subscriber access. Your website access code is located in the upper right corner of the Table of Contents page of your digital edition.

Technology

Mystery of the Conficker Worm Continues: Does It Want to Scam or Spam?

80beatsBy Eliza StricklandApril 10, 2009 12:55 PM
computer-network

Newsletter

Sign up for our email newsletter for the latest science news

The computer worm known as Conficker that has infected millions of PCs around the world stirred yesterday and raised new fears that the hackers behind the worm are gearing up to cause mischief, but experts say their intentions are still mysterious. The worm went active on April 1, but it didn’t seek to disrupt networks and didn’t harness infected computers to send out waves of spam. The lack of a clear business model for Conficker … had confounded researchers and analysts. In fact, it was one of the reasons why there was so much attention paid to the worm’s new communications scheme activation date: Everyone wondered what it would do on April 1 to monetize the effort spent collecting a massive botnet [Computerworld].

Over the past two days infected machines have begun to download additional software, but so far the results still haven’t been as dire as many experts originally predicted. According to varying reports, some computers are just preparing to run a small-scale scam on their users, while others have adopted an existing email worm that can steal passwords and send spam. The latter function may be more troublesome, some experts say. The consensus within the computer security industry is that although there are now some indications that Conficker’s authors are intent on building a giant spam system, there is no hard evidence. “This is just Step 5 in a thousand-step chess match,” [The New York Times], said security expert Vincent Weafer.

Some experts monitoring Conficker infected computers say the worm isdownloading and installing fake security software. Often called “scareware” for its habit of trying to spook users with bogus infection warnings — then dunning them with endless pop-ups until they fork over up to $50 to buy the useless program — such rogue antivirus software has become a huge business [Computerworld].

Other observers detected the spam program that had been placed via Conficker’s built-in peer-to-peer (P2P) communications capability, which allows large groupings of infected systems to hand off software updates and instructions being pushed out by the worm authors…. “There are still some unknowns here, but things are becoming a lot more clear, and it certainly seems they’re making a move here to finally monetize all this effort” [Washington Post blog], says Paul Ferguson, a researcher with the security company Trend Micro.

2 Free Articles Left

Want it all? Get unlimited access when you subscribe.

Subscribe

Already a subscriber? Register or Log In

Want unlimited access?

Subscribe today and save 70%

Subscribe

Already a subscriber? Register or Log In