The first day of April is usually considered one of the more light-hearted days of the year; it is a day dedicated to pranks and jokes. However, on April Fools Day this year, the internet worm called Conflicker is scheduled to get an “update” from its operator, and that is anything but funny.
An article in the Times of London described Conflicker as a malicious piece of sophisticated software that installs itself in Windows PC hard drives through specially constructed websites. Once lodged in the computer, the malware worm disguises itself.
Graham Cluley, a member of the British security firm named Sophos, announced that the virus has indeed been programmed to “hunt for new instructions on April 1st.”
Even so, Cluley also emphasized that this does not mean that the virus is going to do anything, but simply that it will begin to search a broader range of websites for information.
According to Microsoft’s Chief Security Officer Ed Gibson, the Conflicker virus installs itself into computer hard drives when certain websites are accessed. These websites are doppelgangers of legitimate websites which receive a large amount of web-traffic.
Using copied information and slightly different website names the creators of Conflicker hope to trick web surfers into accessing these fake sites where the virus can install itself.
Probably the most upsetting thing about Conflicker is that no one is really sure what it is meant to do. Most of the information about the virus focuses around how it installs itself, and how it makes itself dormant inside a computer.
Microsoft’s Malware Protection Center provides good information about the virus and what it does once it has placed itself in a PC.
According to the Microsoft website, Conflicker can disable important services on computers, in addition to adding files which can be viewed in the Auto Play dialog box.
Conflicker crates files titled either “Open Folder to View File- Publisher not specified” or “Open Folder to View File- Using Windows Internet Explorer.” Opening one of these files will activate the worm, causing it to spread to other systems that are linked to that computer.
If an infected computer has a program called “file-sharing” enabled Conflicker could allow outside attackers to take control of the computer and use it for malevolent purposes.
Computers that share servers and computers without the latest security updates are at risk of infection, as well as removable hard drives and USB sticks.
Millions of PCs around the world have already been infected. Microsoft advises users to keep their computers updated with the latest security programs to protect themselves from the Conflicker worm as well as other viruses.
The Sophos security program recommends that PC users only visit well-known and secure websites, and be wary of imitations.
There is currently a $250,000 reward for the person who identifies Conflicker creator, but even so, very little is known about the worm’s true purpose. Once again the internet has proven to be unsafe and filled with unknown dangers, only reiterating the importance of backing up files, updating security systems, and avoiding strange websites.
