Glitch City Laboratories Archives

Glitch City Laboratories closed on 1 September 2020 (announcement). This is an archived copy of a thread from Glitch City Laboratories Forums.

You can join Glitch City Research Institute to ask questions or discuss current developments.

You may also download the archive of this forum in .tar.gz, .sql.gz, or .sqlite.gz formats.

General Discussion

Conficker update. - Page 4

Re: Conficker update.

Posted by: Missing? NO!
Date: 2009-04-30 17:52:24

I've gone through the list, and neither of them say which variant disables Anti-Virus. I'll try and and find the BitTool Remover. Is Auto Updates disabled?

No, but whenever I put the thumbdrive into my computer, the thumbdrive enables AutoRun.
It said it would do that.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-04-30 17:53:55
Okay, I'm going to sent you a link, through a PM. Can you go to anti-virus websites? Conficker blocks access to them. If yo can get to one, then you might be infected with either C/D/E.

Re: Conficker update.

Posted by: Missing? NO!
Date: 2009-04-30 17:55:23

Okay, I'm going to sent you a link, through a PM. Can you go to anti-virus websites? Conficker blocks access to them. If yo can get to one, then you might be infected with either C/D/E.

I can.
(It just reset my computer.)

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-04-30 17:55:59
I sent you a link, to scan your PC to see if you are infected.

Re: Conficker Update

Posted by: Missing? NO!
Date: 2009-04-30 18:00:10
Thank goodness, I'm not infected.
My computer is probably acting weird.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-04-30 18:01:10
That's good to know. I have days like that when my laptop acts strange. It was like before when my Anti-virus got suddenly disabled, and this was long before I knew of Conficker. But I'm not infected, thaknfully.

Re: Conficker update.

Posted by: Missing? NO!
Date: 2009-04-30 18:03:03

That's good to know. I have days like that when my laptop acts strange. It was like before when my Anti-virus got suddenly disabled, and this was long before I knew of Conficker. But I'm not infected, thaknfully.

One of the computers in my school acts this way as well.
I wonder if it has Conficker.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-04-30 18:07:39
If the computer has the following disabled:

Account lockout policies being reset automatically.
Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Windows Error Reporting disabled.
Domain controllers responding slowly to client requests.
Congestion on local area networks.
Web sites related to antivirus software or the Windows Update service becoming inaccessible.
User accounts locked out.

Then it is possible the computer's schools, could be infected. If they don't have the patch, and up to date, anti-virus with a strong password to lock the PC, then Conficker could be hiding in one of the PCs.

Re: Conficker update.

Posted by: ?????(000)
Date: 2009-05-01 11:30:34
Well, school computers have always been crap, so it's likely. Shame none of the school computers here do anything like that.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-05-01 13:45:46
I've locked my laptop. I haven't locked my parents PC, as they would forget my password. I need to lock my PC later.

Re: Conficker update.

Posted by: Missing? NO!
Date: 2009-05-01 15:17:21
Gladly, my laptop is fine now.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-05-01 15:43:47
That's good to know. I was reading this the other day, about Conficker.

Conficker worm hits hospital devices

A computer worm that has alarmed security experts around the world has crawled into hundreds of medical devices at dozens of hospitals in the United States and other countries, according to technologists monitoring the threat.

The worm, known as "Conficker," has not harmed any patients, they say, but it poses a potential threat to hospital operations.

"A few weeks ago, we discovered medical devices, MRI machines, infected with Conficker," said Marcus Sachs, director of the Internet Storm Center, an early warning system for Internet threats that is operated by the SANS Institute.

Around March 24, researchers monitoring the worm noticed that an imaging machine used to review high-resolution images was reaching out over the Internet to get instructions ? presumably from the programmers who created Conficker.

The researchers dug deeper and discovered that more than 300 similar devices at hospitals around the world had been compromised. The manufacturer of the devices told them none of the machines were supposed to be connected to the Internet ? and yet they were. And because the machines were running an unpatched version of Microsoft's operating system used in embedded devices they were vulnerable.

Normally, the solution would be simply to install a patch, which Microsoft released in October. But the device manufacturer said rules from the U.S. Food and Drug Administration required that a 90-day notice be given before the machines could be patched.

"For 90 days these infected machines could easily be used in an attack, including, for example, the leaking of patient information," said Rodney Joffe, a senior vice president at NeuStar, a communications company that belongs to an industry working group created to deal with the worm. "They also could be used in an attack that affects other devices on the same networks."

Joffe, who is scheduled to testify before Congress on Friday, said he will ask lawmakers to remove the barriers to coordination between federal agencies so that cyberthreats like Conficker can be addressed.

In addition to the medical-imaging machines, Joffe said the working group has seen thousands of other machines located in hospitals reach out to the Conficker mastermind by contacting another computer on the Internet for instructions. Researchers have not determined the function of these machines. They could be a personal computer sitting on a secretary's desk or more sensitive medical devices linked to patient care.

"Hopefully, the malware writers didn't have a lot of insight into how these medical devices work," said Patrik Runald, chief security adviser for F-Secure, a computer-security company based in Finland. Runald said the worm had also been found at a hospital in Sweden and several hospitals in England earlier this year.

And the danger isn't contained to hospitals.

"Microsoft Windows is a common operating system for embedded devices that is used in all industries," Joffe said. "There is no reason to believe that other industries don't have the same problem."

At the peak of the worm's infection in early spring, the Conficker Working Group estimated there were more than 10 million devices infected worldwide. Runald, whose company is part of the Conficker Working Group, said about 3 million devices are currently compromised as the others were cleaned up. But while experts have patched infected machines, they have not been able to stop the spread of the worm.

Conficker spreads by copying itself onto machines running Microsoft's Windows operating system that lack the security patch from October. Conficker installs itself and periodically reaches out for directions from its maker that cause it to rewrite its code, increasing its capabilities for malicious action and decreasing its chance of detection.

Joffe said he doubted that whoever made Conficker was specifically targeting medical devices or parts of the country's critical infrastructure, but that doesn't reduce the risk that key industries could be crippled by the worm.

"Once they work out what they've got, who knows who they will sell access to," he said. "This has to be fixed."

Re: Conficker update.

Posted by: ?????(000)
Date: 2009-05-01 15:47:52
I was wondering, who created this worm, and why? And even more importantly, what will happen when and if said person gets found out?

Re: Conficker update.

Posted by: Missing? NO!
Date: 2009-05-01 16:01:54

I was wondering, who created this worm, and why? And even more importantly, what will happen when and if said person gets found out?

They will go to jail at least, or the death penalty.
THEN THEY GO TO HELL.

Re: Conficker update.

Posted by: Wild MissingNo. appeared
Date: 2009-05-01 16:36:01
Well, the ones who are researching Conficker, think them who created the Storm Worm, are the makers of Conficker.