PandaLabs’ Predictions of Conficker’s Minimal Impact on April Fools Day Ring True

The Much-Feared Re-activation of Conficker on April 1st Goes Off Without a Bang

GLENDALE, Calif., April 1 /PRNewswire/ – PandaLabs, Panda Security‘s malware detection and analysis laboratory, predicted in a recent blog post that the malicious Conficker worm won’t cause major upheaval on April 1st and advised consumers not to “get taken in by the Conficker panic” (http://pandalabs.pandasecurity.com/archive/Don_1920_t-get-taken-in-by-the-Conficker-panic.aspx). As predicted by PandaLabs, the much-feared reactivation of the Conficker virus, forecasted for Midnight on April 1, has yet to cause massive infections.

According to Luis Corrons, Technical Director of PandaLabs, “The ultimate aim of the virus is to obtain money. With the alarm generated by the media attention, security vendors have been working to avoid a potentially widespread epidemic. Evidently though, if someone is going to steal money, they are not interested in being headline news. That’s why we believe that its creator is trying to find a new zero-day vulnerability to exploit in order to spread the infection. But it will happen at a moment when our guard is down, not when everyone is on the alert.”

At Midnight on April 1, Conficker started to generate 50,000 new URLs from which, supposedly, the malware would be able to update itself to a new version, starting a massive series of infections. However, until now, no new versions or additional infections have been detected other than those already associated to the previously active variants.

“It is still possible that at any moment one of these URLs could be activated and the worm could download an update to its code or new malware. In any event, this would only affect users who are unprotected against Conficker, although there are still many of them,” says Corrons.

Although there has been much speculation as to why the creators are trying to draw attention to Conficker, Corrons adds, “The reality of today’s malware is that it is created with a financial motive. At PandaLabs we believe that the cyber-criminals behind this worm are still aiming to infect as many unprotected computers as possible. This way, with a critical mass of infected computers, they can then start to profit by renting out the network for sending spam, downloading Trojans to steal data and other fraudulent activities.”

Ironically, one of the main dangers associated with Conficker, as described on the PandaLabs blog (http://pandalabs.pandasecurity.com/archive/Chapter-2.-The-Conficker-countdown-melodrama_2E00_.aspx) is not the worm itself, but the fact that cyber-crooks are exploiting the notoriety of this malware to distribute other malicious code from domains ranked highly in Internet searches for the word ‘Conficker.’

To avoid falling victim to Conficker and other malicious code, PandaLabs advises:

• Having an up-to-date anti-malware solution installed
• Installing the patch that fixes the vulnerability exploited by Conficker
• Having a solution to prevent malicious code spreading through USB devices (pen drives, MP3 players), etc. With this in mind, Panda has developed the free Panda USB Vaccine, which can be downloaded from: http://www.pandasecurity.com/homeusers/downloads/usbvaccine/
• Not opening emails from unknown sources and never clicking links or running files attached to such emails

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model which can even detect malware that has evaded other security solutions.

Currently, 94 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), working 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients. More information is available in the PandaLabs blog: http://www.pandalabs.com and the Panda Security website: www.pandasecurity.com/usa.

SOURCE Panda Security