Conficker still lurks on the Internet

Conficker, a rogue virus that cropped up last November, is still with us, according to an article in the New York Times. Despite the fact that computer security experts decoded the program and created antivirus software, Conficker is ready to attack again.

"It's using the best current practices and state of the art to communicate and to protect itself," Rodney Joffe, director of the Conficker Working Group told the newspaper "We have not found the trick to take control back from the malware in any way."

Researchers don't know how strong Conficker is, but they fear that it is robust enough to generate vast amounts of spam, steal information like passwords and logons and deliver fake antivirus warnings, reports the New York Times.

There also is a growing worry that the virus was designed by an intelligence agency, not a criminal gang, to disable an enemy's computer--not just the consumer ambling around on the Internet. There is also evidence that recent attacks had political overtones.

The experts don't know how many infections there are or where they are coming from. Some experts point their finger at Buenos Aires and Kiev. The Federal Bureau of Investigation is working on the case, but they aren't saying anything because it's an open investigation.

The Conficker Working Group is looking for ways to kill Conficker, and hoping the experience will prepare them for other types of attacks. "Even if we lose against Conficker," Joffe said, "there are things we've learned that will benefit us in the future."

For more on Conficker:
- see this New York Times article (registration required)

Related Articles:
Botnets get harder to find and fight
Security companies: Conficker worm fears exaggerated
Conficker evolves; adds new capabilities