A malicious software program known as Conficker that many feared would wreak havoc on April 1 is slowly being activated, weeks after being dismissed as a false alarm, security experts said.

 Conficker, also known as Downadup or Kido, is quietly turning thousands of personal computers into servers of e-mail spam and installing spyware, they said.

 The worm started spreading late last year, infecting millions of computers and turning them into “slaves” that respond to commands sent from a remote server that effectively controls an army of computers known as a botnet.

 Its unidentified creators started using those machines for criminal purposes in recent weeks by loading more malicious software onto a small percentage of computers under their control, said Vincent Weafer, a vice president with Symantec Security Response, the research arm of the world’s largest security software maker, Symantec Corp.

 ”Expect this to be long-term, slowly changing,” he said of the worm. “It’s not going to be fast, aggressive.”

 Conficker installs a second virus, known as Waledac, that sends out e-mail spam without knowledge of the PC’s owner, along with a fake anti-spyware program, Weafer said.

 The Waledac virus recruits the PCs into a second botnet that has existed for several years and specializes in distributing e-mail spam.

 ”This is probably one of the most sophisticated botnets on the planet. The guys behind this are very professional. They absolutely know what they are doing,” said Paul Ferguson, a senior researcher with Trend Micro Inc, the world’s third-largest security software maker.

 He said Conficker’s authors likely installed a spam engine and another malicious software program on tens of thousands of computers since April 7.

 He said the worm will stop distributing the software on infected PCs on May 3 but more attacks will likely follow.

 ”We expect to see a different component or a whole new twist to the way this botnet does business,” said Ferguson, a member of The Conficker Working Group, an international alliance of companies fighting the worm.

 Researchers had feared the network controlled by the Conficker worm might be deployed on April 1 since the worm surfaced last year because it was programed to increase communication attempts from that date.

 The security industry formed the task force to fight the worm, bringing widespread attention that experts said probably scared off the criminals who command the slave computers.

 The task force initially thwarted the worm using the Internet’s traffic control system to block access to servers that control the slave computers.

 Viruses that turn PCs into slaves exploit weaknesses in Microsoft’s Windows operating system. The Conficker worm is especially tricky because it can evade corporate firewalls by passing from an infected machine onto a USB memory stick, then onto another PC. 

The Conficker botnet is one of many such networks controlled by syndicates that authorities believe are based in eastern Europe, Southeast Asia, China and Latin America.

Source: Reuters

If you’re shopping for a computer now, there’s an added factor to consider. Later this year, both of the major computer operating systems, Microsoft’s Windows Vista and Apple’s Mac OS X Leopard, will be replaced with major new versions: Windows 7 and Mac OS X Snow Leopard. And that affects what PC hardware you should choose.

So, in this annual spring computer buyer’s guide, I’ll pay particular attention to buying a machine for the new OS you may soon want.

This guide covers both laptops and desktops and is aimed at average users doing typical tasks. It doesn’t apply to hard-core gamers or video, audio or photo professionals.

Cost: Prices on Windows PCs have plummeted. You can buy a Windows desktop for under $300, without a monitor, and a low-end, full-size Windows laptop for around $500. If you are willing to settle for a so-called netbook — essentially just a small, cheap laptop running the aging Windows XP operating system — you can get a decent one for $350, or less. Even Apple, which has resisted this cut-rate trend, is offering modestly lower prices or higher specs for the same prices as before.

Timing: Despite the bargains, you may want to wait to buy, if you can, until the new operating systems emerge. That’s because it’s usually easier and cheaper to buy a new machine preloaded with a new OS. You don’t have to pay extra for the new OS or hassle with performing the upgrade. Neither Microsoft (MSFT) nor Apple (AAPL) has set a date for their new OS releases, but both are likely by the holiday buying season.

This is especially true if you are thinking of buying a Windows Vista machine. Vista is slow and filled with annoying nag screens. Based on my tests of its prerelease, or beta, version, Windows 7 will be a huge improvement.

Windows vs. Mac: Apple’s hardware is beautiful and durable, and its OS is faster, easier and more stable than today’s Windows. Plus, the Mac isn’t susceptible to the vast majority of malicious software. Windows 7 will narrow this gap considerably, but Snow Leopard could keep Apple ahead, depending on how it turns out.

But Apple computers cost more upfront. The cheapest Mac desktop, the bare-bones Mac Mini, costs $599. And the cheapest Mac laptop is $999. So, if price is your top priority, buy a Windows PC. If speed, ease of use and stability matter more, buy a Mac.

Upgrading: Microsoft promises that upgrading a Vista machine to Windows 7 will be a straightforward process, preserving all of your files, programs and settings.

It’s a different story for Windows XP. Upgrading from that OS will be a cumbersome, multi-step process, requiring users to offload their files, wipe out the old operating system completely, and then reload the files and reinstall their programs. This is a particular problem for buyers of netbooks, nearly all of which come with XP.

In addition, Microsoft’s version of Windows 7 for netbooks, called the Starter Edition, is crippled. It can run only three programs at any one time, and won’t allow any customization of the desktop or the use of Windows 7’s snazzy graphical features. Microsoft says netbook owners also will be able to run the main Home version of Windows 7, at extra cost, but given the weak processors and graphics chips on netbooks, the experience may not be optimal.

Apple, which doesn’t make netbooks, claims Snow Leopard will be an easy upgrade on all currently available Macs.

Memory: Neither company has released the official specs for the two new operating systems, but both are likely to require a minimum of 1 gigabyte of memory. Such specs are usually understated, so I strongly recommend 2 gigabytes, even on cheap machines.

Graphics: In the new operating systems, adequate graphics chips will be more important than ever, because the computers will offload some tasks typically performed by the main processor onto the graphics chip. So, if possible, spring for what’s called a discrete graphics processor, which has its own memory. If you can’t afford this, look for an integrated graphics chip, which shares your main memory, that’s as powerful as possible. One example is the Nvidia 9400.

Processor: Microsoft and Apple say current processors will work fine with the new operating systems. The best bet is a dual-core processor. Some bargain machines use an older single-core model, which is OK for light-duty use. Netbooks, and even some laptops and desktops, come with a much wimpier processor called the Intel (INTC) Atom, which struggles at some tasks.

Touch screens: Windows 7 will include the ability to perform many multitouch gestures on the screen. But this will require a special type of touch screen, different from the ones on most tablet PCs today. A few current models, like Hewlett-Packard’s TouchSmart desktop, support this, but not many. So, if you’d like to use multitouch on Windows 7, ask to make sure your PC can handle it.

The bottom line: Don’t buy more machine than you can afford, or need. But protect yourself by getting one that can be upgraded to the new operating systems.

Source:All Things Digital (Walt Mossberg)

The continuing market growth of online social networking services seemingly knows no bounds after a new report this week revealed that the likes of Facebook and MySpace are now officially bigger than personal e-mail.

According to a survey conducted by Nielsen examining the online habits of UK-based computer users, 66.8 percent of respondents said they spent a considerable amount of time logged in to social network sites and blogging services – marking a growth rate some four times quicker than other listed usage categories.

Moreover, the Nielsen survey found that average online users plough around ten minutes of every hour into social destinations such as Facebook, MySpace and Bebo, making them “a fundamental part of the global online experience.”

“Social networking will continue to alter not just the global online landscape, but the consumer experience at large,” commented Nielsen Online chief executive officer John Burbank in an accompanying statement.

While online search remains the top point of entry for the online masses thanks to a usage rate of 85.9 percent, the growing appeal of social networking and blogging has seen such community-based pastimes surpassing e-mail communication, which places fifth on Nielsen’s results with 65.1 percent usage.

Interestingly, while member-based communities are generally regarded as being populated by a younger portion of the online demographic, the Nielsen survey discovered that the fastest growing age group using such services is actually placed between 35 and 49 years of age – while more than a quarter of Facebook’s UK users are actually over 50 years old.

Source: The Tech Herald

April 1st came and went, and the Internet didn’t completely melt down as many were certain would happen. But Conficker is still out there, alive and well, much to the gross confusion of a scared technology-using populace. So what now?

Security company F-Secure published a helpful guide late last week about what Conficker can still do, when it could happen, and where we go from here. I won’t rehash their entire Q&A here — just click on over to F-Secure and check it out — but I do want to address some of the biggest questions about Conficker that I’ve received, including answers to some that aren’t covered on F-Secure’s Q&A page.

Q: How do I know if I have Conficker?
A: Probably the most common question I’ve been getting. Easiest way: Click this link and look for the images on the Conficker Eye Chart. If images are not showing up, you might have the worm. (Scroll down that page for details.)

Q: Now that April 1 has passed, do I still need to be worried?
A: Yes. Conficker is now live and waiting for instructions from its creators. Those instructions simply haven’t been delivered yet but could come at any time.

Q: Why not? Is this all just a joke?
A: It’s absolutely not a joke. The creators were in part thwarted by massive efforts to keep Conficker from spreading but are also likely to be lying low for now until the heat over Conficker dies down a bit.

Q: Who made this awful worm?
A: No one knows, but it is suspected to have originated in China. Microsoft’s $250,000 bounty on the creator still stands.

Q: Did the security software companies make this thing just to drum up business?
A: No. Trust me, they’re plenty busy with real malware attacks to need to write their own.

Q: How do I get rid of Conficker if I have it?
A: If your regular antivirus software is ineffective, this page has links to nine removal tools (scroll to the bottom).

Q: When will this ever end?
A: Probably not for a long time. As the F-Secure page notes, not “until all the computers are cleaned up or until the people behind it decide it’s not worth it anymore.”

Q: Why do people write all this horrible malware?
A: Easy: For the money. Most malware doesn’t just wreak havoc on your computer any more (deleting files and the like), now it usually turns your PC into a spam-sending zombie or harvests financial information from your system, all while you’re unaware of it. All of that translates directly into cash for the creator of the malware… and I guess that’s a lot easier than finding a job.

Source: Yahoo Tech (Christopher Null)

With Windows 7, Microsoft is hoping to have an operating system that people won’t want to downgrade from. That said, it does plan on offering users that option.

Downgrade rights have long been a part of the Windows license for certain versions, particularly for businesses. That said, the option gained notoriety with Windows Vista. With Vista, the downgrade right was not only marketed by computer makers, but, once Microsoft stopped selling XP, some PC makers sold Vista machines that were “pre-downgraded” to Windows XP.

Microsoft is actually expanding that Vista downgrade rights program slightly, the company confirmed on Monday. Under the new program, PC makers will be able to ship pre-downgraded machines based on anticipated demand for those systems. Until now, computers makers could only ship XP-downgraded machines if a particular customer had specified that is what he or she had wanted.

Also, as noted earlier Monday by ZDNet blogger Mary Jo Foley, Microsoft plans a similar program for Windows 7, allowing users to go back not only to Vista, should they choose, but also to Windows XP.

Microsoft hasn’t detailed exactly how downgrade rights will work with Windows 7–beyond confirming that users will be able to go back to XP–but presumably the rights will be attached to the Ultimate and Professional versions of Windows 7.

Businesses with volume-licensing deals covering Windows have long had the right to use any earlier version of Windows with their PCs.

Source: CNET NEWS

A computer virus that has wormed its way into millions of PCs was activated today… but with little effect.

The Conficker virus, which has infected up to 15million computers since last autumn, has so far lurked harmlessly – but experts were braced for it to change the way it operated first thing this morning.

The ‘worm’ started looking for new instructions on what it should do next by scanning 50,000 different websites at midnight last night.

Experts feared the virus was about to be used by its creators to control an army’ of 15 million ‘zombie PCs’ to steal bank details, send spam emails or even crash a major website.

But so far, very little has taken place.

A Washington Post blog claims a nuclear missile installation near Elmendorf Airforce Base in Alaska briefly went on a full-scale military alert after technicians suspected  several of their control systems were infected with Conficker. However, this has not been corroborated.

‘Conficker has activated,’ said Patrik Runald, chief security adviser at F-Secure.

‘So far nothing has actually happened.’

He said the Conficker creators were unlikely to strike on a day when so much attention was directed on the virus.

‘These guys have been pretty smart until now – the worm is unfortunately very well done,’ Mr Runald said.

‘So far they haven’t been stupid. So why should they start on April 1?’

Conficker, which is also known as Downadup or Kido, is a ‘worm’ virus that exploits a gap in Microsoft Windows software. It affects computers through the internet and infected memory sticks.

The worst affected area is Asia where there is a higher proportion of pirated copies of Microsoft operating systems. These computers do not receive anti-virus updates that licensed Windows users are provided with, and therefore cannot be protected from the virus.

Parliament, the Ministry of Defence and several NHS trusts have been infected, as well as home computers.

Botnets have been used in the past to generate millions of pieces of spam email and to blackmail websites by threatening to temporarily knock them out.

It would do this by simultaneously sending a massive numbers of search queries or generating millions of pieces of spam email to knock websites offline through the sheer weight of connections.

In a worst case scenario, some experts even believe that Conficker has been designed to create a so-called ‘Dark Google’ – a search engine for criminals which will allow them to look for data on any of the 10 million infected PCs and then sell it on.

Conficker is able to guess administrator passwords used by networks of computers and is able to disable anti-virus software once it has gained access to a system.

Today, Conficker is generating 50,000 domain names and systematically try to communicate with each one.

Whoever developed the virus will then just have to register one of these domain names in order to take control of the millions of zombie computers that have been created.

Mikko Hypponen, of antivirus software firm F-Secure, said: ‘It is scary thinking about how much control a hacker could have. They would have access to millions of machines.’

Experts are sceptical about whether today is the day the worm will turn, but urge the public to ensure their anti-virus software is up to date. 

Security patches can be downloaded from Microsoft, which has offered a £175,000 reward to find the culprits.

One sign of already being infected is being blocked from visiting the websites of anti-virus companies such as McAfee. 

Graham Cluley, of internet security company Sophos, advises people to rid their machines of the worm as soon as they can.

He said: ‘There is no reason to believe that there will be any instructions for Conficker to receive on 1 April,’ he said. ‘They could just as easily be delivered on 2 April, 4 April, 25 May or never.

‘This network is large and the whole world is going to be watching everything it does.

‘You could argue it is a victim of its own success because it is going to be difficult for it to do anything under the radar.’

Mikko Hypponen, of antivirus software firm F-Secure, said: ‘It is scary thinking about how much control a hacker could have. They would have access to millions of machines.’

How do I know if my PC has been infected?

Conficker finds vulnerable computers and automatically disables security services and blocks access to anti-virus websites.

You might be infected if your internet connection is running particularly slowly.

Find out whether you already have Conficker by using Microsoft, Symantec or a McAfee security tool.

How do I stay safe?

Make sure your PC is running the latest version of anti-virus software such as Norton or McAfee.

Make sure any USB devices you use on your PC are from trusted sources – Conficker downloads files when an infected USB is used on a new PC

Update your PC with all the latest ‘patches’ from Microsoft – available from Microsoft’s website.

If your PC has been infected with the virus you can download Microsoft’s Malicious Software Removal Tool from the website. If the virus blocks this then ask a friend with an uninfected computer to download it and email it to you.

Source: Daily Mail