Time Recursion

As I write this, we’re nearing midnight here, and with this the 1st of April, when the Conficker worm is believed to strike. You probably already know about this, or have heard about this imminent threat, because of all the hype the mass media have created around it. And how they couldn’t! It’s one of the smartest worms ever designed, and has already infected more than 3,000,000 computers worldwide.

But why are people so afraid of it, and why there’s no good way to get rid of it (Well, that’s not completely true, you can disable it without much problems, the hard part is finding out whether you are infected with it, and preventing from getting infected again)? The answer is pretty straightforward when you get to know how Conficker works. It’s not just the usual malware that strives to make your computer unusable. The Conficker itself is not dangerous at all to your computer. All it does is to make sure it doesn’t get detected and removed and it waits for a certain date it was programmed to, to check on the net to get new orders. Now, you might say, why don’t those big companies just make sure to take down the websites the worm will try to contact? They tried, but they weren’t successful. At the time there were only a few hundred. Now, after the last update of the worm, the base of addresses it’ll check for further instructions has grown to several tens of thousands. It’s impossible to predict all the variations and shut down so many sites on such a short notice. Microsoft, whose operating system is targeted by the worm, made known that the situation is serious. They’re even offering a $250,000 prize for the arrest of the Conficker creators.

But what can actually happen? Since the goal of Conficker is not the destruction of the computer it resides on, though this might happen when it’s work is done, it’s scary to think what else could it be. Having so many computers under control opens up an infinite amount of possibilities. Large scale cyber-attacks are not so hard to perform anymore. Even full-scale attacks on a national level are possible. It’s like SETI @home, just bigger, more powerful and with a bad scope.

The next update is tomorrow, on April’s Fools day. Will it be just an update to the algorithm or and actual command for an attack? Who knows, I guess we’ll have to see it by ourselves.