Conficker Worm

Media outlets have been reporting the potential for a widespread outbreak of a malicious attack on Windows OS personal computers set for April 1, 2009. (See the following articles from CNN.com) The attack is the result of computers infected with the Conficker worm, a program that could cause major problems for those infected computer users.

Problems could range anywhere from losing your personal data (pictures, documents, etc.) to having your computer comprised and send out spam to keystroke monitoring, resulting in the theft of personally identifiable information, such as bank account numbers and passwords. The best way to check if you are infected with the worm is to be sure your antivirus software is up to date and to run a full system scan. You should also check to see that recent Windows Updates have been installed.

If you have questions regarding this threat or think your computer may have been infected, contact the ITS Help Desk at 319-384-4357 or its-helpdesk@uiowa.edu.

See the ITS Security Center for more information on keeping your computer, data, and personal information secure.

Additional Resources Regarding the Conficker Worm

Symantec:
http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm

SRI:
An Analysis of Conficker C
http://mtc.sri.com/Conficker/addendumC/

F-Secure:
Questions and Answers: Conficker and April 1st
http://www.f-secure.com/weblog/archives/00001636.html

Byron Acohido:
Timeline
http://lastwatchdog.com/evolution-conficker-globe-spanning-worm/

Microsoft:
Malicious Software Removal Tool
http://www.microsoft.com/security/malwareremove/default.mspx

Secureworks:
Conficker Analysis
http://www.secureworks.com/research/threats/downadup-removal/