Media coverage of Conficker ‘does more harm than good' but should not be disregarded.

 

Panda Labs' Luis Corrons claimed that the virus will not be activated on 1st April, but that it will do something on the day, and that ‘no one has been able to guess the final aim of Conficker'.

 

Corrons said: “What we remember from previous infections is that the author's motive is to become famous, but we doubt very much if it all ends there. If we think about the different business models that there are currently behind malware, it is obvious that its author –or authors- will be looking to make money in some way.

 

“But, in which way? It can be by harnessing the infected PCs net to send spam, by installing on the infected PCs some type of rogue anti-malware to warn users that their computer is infected enticing them to buy a fake anti-virus, by downloading password stealer type Trojans. There are many speculations, but nothing for sure.”

 

He further claimed that there could be three directions that the author could take: create a new variant which exploits another zero day vulnerability that takes no time to spread and this was the plan all along for Conficker; keep alive the three variants which are distributing, monitoring how much money they are making day by day, to the end; or get bored and do something else.

 

Corrons said: “We bet on option A. Not necessarily for April 1st, but on its way. It will be a shame to go to so much trouble without getting anything. Because of this we think that it won't go away so easily.”

 

“Above all, don't get taken in by the panic. What do users do on 1st April?  If you have your PCs protected by a good and updated anti-virus, nothing.  If you don't have one, we recommend you install one.”