Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

Links

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Navigation

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags

PSA:  Spreading the [bad] word

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
[personal profile] unixronin
Wednesday, March 25th, 2009 08:16 am

Not all of you folks on my FL read [livejournal.com profile] databeast, or keep up with the tech press.  Which is why I’m quoting his most recent post in its entirety here:

Next week, at 8pm EST/00:00 GST, the Conficker worm will download its next code update.

I’ve spent the last 4 months spending damn near my every waking hour fighting this thing.

If you have no idea what I’m talking about, just go google ‘Conficker’ now.  I’ll be happy to answer any questions.

In the meantime, go to http://windowsupdate.microsoft.com/ and download every last update on there.

Tell your friends to do the same.

if you can’t reach that site, you are already infected. Take your machine offline and get it disinfected by a professional.

But remember this, right now If you are not part of the solution, you are part of the problem.

Conficker is shaping up to be the scariest, largest botnet ever to have existed.  If you use Windows as your operating system, and you don’t regularly update it, you are part of the problem, and your computer is likely now the property of some shadowy criminal syndicate based out of God-Knows-Where.

If you aren’t a Windows user, but you know people who are, tell them the above instructions.  We have less than 7 days until what could, in the worst case scenario, be the most destructive event ever witnessed on the internet, a vast, data-stealing network owned by an organized crime syndicate.  We aren’t talking science fiction here folks.

If every man would sweep his own doorstep the city would soon be clean.

Italian Proverb

He’s not kidding, folks.  Conficker (aka Downup, Downadup, or Kido) is serious bad news.  It’s the next level of Internet worm evolution; it’s Botnet 2.0, the most sophisticated worm yet seen.  During one of its major activity spikes, on January 15-16, Conficker infected 1.1 million PCs in less than 24 hours.  At that time, F-Secure estimated — conservatively — that 3.52 million systems were infected worldwide.  By January 21 the number was believed to be around 9 million.  Current estimates run as high as 12 million.

For the technically knowledgeable among you, SRI International has an analysis of the most recent Conficker-C variant here.  For the non-technical, McAfee has some less technical information about what it does here.  And PC World has an article here detailing how it attacks and some measures you can take to protect yourself if you’re not already infected.  (The article is slightly out of date; one recent Microsoft security patch disables AutoRun for you as a precaution.)

One point from [livejournal.com profile] databeast‘s post cannot be emphasized enough:

If you run Windows, with ANY browser, and you can read this post, but you cannot get to www.windowsupdate.com, or GRIsoft.com (home of AVG antivirus), or Trend Micro, or Sophos, McAfee or Kaspersky or any other antivirus site, assume you are already infected.  Take your computer offline and seek professional assistance to get it disinfected and patched.

On April 1, the Conficker botnet goes active.  And we don’t have any idea what its new instructions will tell it to do.  But it could be very, very bad.

UPDATE:

Since Conficker can’t block downloads of tools from sites that don’t match its internal list of strings, I’ve mirrored several of the free Conficker removal tools locally:

So if you can’t get to windowsupdate or any of the antivirus sites, you can download removal tools here.

  • Current Location: Gilford, New Hampshire
Tags:
Flat | Top-Level Comments Only

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Wednesday, March 25th, 2009 01:21 pm (UTC)
/nods

We recently switched from AVG to Avast!, because while we'd been very happy with AVG Free up to v7.5, AVG8 just really chowed down on the CPU. Avast! also updates more frequently — as much as several times a day — and does an initial post-install scan actually before Windows fully boots, which prevents a pre-existing infection from using certain Windows tricks to hide from the scan.

[identity profile] hugh-mannity.livejournal.com
Wednesday, March 25th, 2009 01:28 pm (UTC)
Thanks, I'll recommned Avast! to the TeenBeast. Not sure what he's got on his spiffy PC what he builded himself.

[identity profile] bikergeek.livejournal.com
Wednesday, March 25th, 2009 02:17 pm (UTC)
another vote for Avast!, here.

[identity profile] mazianni.livejournal.com
Wednesday, March 25th, 2009 01:50 pm (UTC)
I've been running AVG on one of two of my machines and I've been thinking about switching to avast. Given your recommendation I think I'll do that when I get home.

[identity profile] argonel.livejournal.com
Wednesday, March 25th, 2009 02:33 pm (UTC)
I've been pretty happy with both AVG and Avast!. Specifically I currently have 2 machines running Avast! and 1 running AVG.

[identity profile] databeast.livejournal.com
Wednesday, March 25th, 2009 11:07 pm (UTC)
And I love the 'virus database has been updated' voice it plays too!

No wait, no I dont.

still, a vote for Avast! here, It's been my primary suggestion to people for the last two years now
Flat | Top-Level Comments Only