The hours are ticking down to April 1st – in fact, in some parts of the world it’s already April Fool’s Day. (Wave to our friends in eastern Australia and New Zealand!)
But Conficker works at its own pace, and doesn’t pay too much attention to the time setting of the computers it infects. Instead it queries internet sites to determine if it’s gone past 00:00 April 1st 2009 GMT. (That’s 1am British Summer Time, for example).
So, only once its sure that March 2009 is history will Conficker change its operation and begin to look for instructions in a new way.
However, that’s not going to mean very much unless it finds some instructions to obey. And so far the hackers behind Conficker have been very lazy in giving the worm any orders at all. So it’s quite possible that nothing much will happen. Sorry about that, but we did try and tell you.
Which means that most of the Conficker-related action is actually happening not on users’ computers, but in the newspaper headlines.
Yes, some real creativity there with “computers melting” and “internet chaos” a-plenty. They always put those bits in quotes, but it’s hard to find out who the people are that they’re actually quoting in those headlines – certainly not members of the computer security community.
If you’ve seen an amusing newspaper headline related to Conficker either online or in print please let me know (providing a link or image if possible). I’ll choose my favourite and send the lucky winner an exclusive super-duper Sophos T-Shirt for their trouble.
[vimeo 3931215]More information about Conficker:
- Remove Conficker with our free clean-up tool. Download it now
- Hype, April Fool’s Day and the Conficker worm
- Conficker: Why I can’t tell you what it will do on April 1st
- How to stop the Conficker worm on an unpatched PC
- Passwords used by the Conficker worm
- Download a podcast where Sophos expert Paul Ducklin discusses the true threat posed by the Conficker virus, with Patrick Gray, host of the ITRadio programme ‘Risky Business’
