The premise was pretty simple: Conficker.C would spread to as many machines as possible throughout March. Each infected machine was given a huge list of domains, one of which would be contacted by 1 April.
The deadline made all the difference. Now, Conficker wasn’t just a simple malware infection, it was a ‘ticking time bomb’, and a looming menace that would unleash carnage. Or at least that’s what the story turned into when unscrupulous security vendors and tech-newbie news outlets got hold of the story.
Then the deadline passed and, pretty much as every reasonable person in the industry predicted, Conficker didn’t do much of anything. The botnet remains intact and still poses a threat, but nothing near the utter cyber-carnage that many spoke of.
Iain Thomson: Conficker has now started its attacks and has proved to be just another botnet builder like most other malware.
However, the media panic over Conficker has shown that people are still scared of viruses. As Bruce Schneier pointed out at RSA last week, Conficker hit all the right buttons. It had a funny sounding name, was mysterious and was set to do something on a ‘magic’ date.
Conficker has, however, served a useful purpose. It spreads via a vulnerability that has had a patch available since last October. If my company’s servers got hit by a vulnerability that old, my IT manager would be getting a stern talking to, possibly involving a thumbscrew and a hot pair of pliers.
Iain Thomson: ExploreZip was written over a decade ago but is still to be found in the wild today, a good example of how persistent these little programs can be.
ExploreZip, like most viruses of the time, targeted Windows systems and was spread via email. The recipient got an email reading ‘I have received your email and I shall send you a reply ASAP. Till then take a look at the attached zipped docs.’
Clicking on the attachment booted the virus onto the user’s computer and it immediately spammed itself out to all of the contacts in Outlook. More worryingly it also overwrote Word documents with lines of zeros, and did some damage to the operating system itself. As destructive worms go it wasn’t too bad, but in the pre-Millennium days of 1999 it certainly caused a panic.
Shaun Nichols: Often, viruses aren’t meant to be overtly destructive. Older viruses often did damage through unintended conflicts, while newer malware tries to remain undetected in order to steal data or hijack programs.
This wasn’t the case with ExploreZip, however. Upon receiving the virus, users would open an attachment that would immediately begin damaging the host computer.
This seems pretty scary at first. But when you think about it, a damaged hard drive is still far less serious than a hijacked bank account.