From TrendMicro.com (http://us.trendmicro.com/us/threats/conficker-worm/)

Also see a letter on Conficker and viruses from Luke Wignall, CKT Managing Partner...Read Here!


The DOWNAD/Conficker Worm

conficker wormBackground
The first samples for the Conficker/Kido/DownadUp (detected by Trend Micro as WORM_DOWNAD.A) were discovered in November 2008 with new samples (detected as WORM_DOWNAD.AD and WORM_DOWNAD.KK) arriving in early 2009.  DOWNAD exploits a vulnerability in Windows that Microsoft patched (MS08-067) in October.

DOWNAD.AD added the ability to spread through network shares and removable storage devices (e.g. USB drives) using the AutoRun function in Windows. 

DOWNAD.KK shuts down security services, blocks infected computers from connecting to security websites, and downloads a Trojan. It also reaches out to other infected computers via peer-to-peer communications services, and includes an algorithm to update infected PCs.

What’s the goal of this worm?
It appears that the goal of this worm is to create a large botnet of infected PCs so that its creators may at some point send spam, steal personal information (user IDs, passwords, credit card info, etc.) and direct users to malicious websites used for phishing or downloading additional malware.

What’s happening on April 1st?
On April 1st, 2009, the latest variant (WORM_DOWNAD.KK) will begin to modify the way in which it communicates with other infected botnet nodes (PCs, servers), and will also increase the number of machines it attempts to contact in order to infect them.  There is no evidence that the worm will do anything beyond modifying its communications methods. 

Scan Now. It's FreeHow do I know whether my PC is infected?
For CKT Technology Management (TM) customers we are already confirming your patch levels and definition status to keep you as safe as posible and will be ready in case of infection.

On Call customers, or for any questions of concerns, please contact the help CKT helpdesk at helpdesk@ck-tek.com or 303-831-1101 for immediate assistance. 

For home users, you can your PC using your Trend Micro product or HouseCall to see whether you are infected.  If you discover that you are infected, find instructions for removal below:

How do I protect my PC from being infected?

  • Immediately install patches/updates for MS08067 and other vulnerabilities as soon as vendors release these patches.  Configure your PC to receive automatic updates and patches from Microsoft and software vendors.
  • Make sure your security software is up to date.
  • Disable the “Drive Auto-run” feature to avoid infections from USB drives.
  • Employ secure passwords using a combination of letters, numbers and symbols and frequently change them.
  • Take caution when searching online for DOWNAD and Conficker information.  There are reports of rogue antivirus packages that are taking advantage of the situation.  They will tell you that you are infected and ask you to pay money to download their application, which in many cases turns out to be malware.

Additional Information:

Additionally, this threat is an example of the new breed of Web threats being developed by cybercriminals who use multiple techniques and protocols to infect and propagate their attacks.  The Trend Micro Smart Protection Network blocks threats before they can enter your network and our correlated in-the-cloud web, email and file reputation databases allow us to quickly analyze and block new threats as they appear.  Smart Protection Network powers many of our consumer, SMB and Enterprise solutions today.  Email us today to learn more or to order or renew now and get protected! sales@ck-tek.com

 
Newsletter
CKT virus ALERT!

See our Conficker information page here!


If you have any concerns or questions please call our helpdesk at 303-831-1101 or by email at helpdesk@ck-tek.com

CKT is proud to be an Apple reseller!

Easily the coolest technology on the planet!  The Mac Air, sized to fit in a manela envelope, the Mac Pro, a supercomputer for the office or home! > MORE 


CKT now offers fully integrated Monitoring!

Leveraging Ingram Micro's partnership with Level Platforms we are able to bring Enterprise class services to our Small and Medium Business customers! > MORE


CKT welcomes Absolute Solutions! 

Summit County's long standing IT support company, Absolute Solutions has joined our team at Common Knowledge Technology.  We welcome the clients and customers of the surrounding communities and look forward to bringing a new level of service and support. > MORE



CKT welcomes C3! 

The team at Common Knowledge Technology welcomes the clients and consultants from Classen Computer Consulting of Colorado Springs. We are very excited to bring our two groups together and continue to provide the highest level of support for all of our combined customers!  > MORE

Novell Linux Practicum Testing

Novell Authorized Testing Partner

CKT is proud to be Colorado's only Novell Authorized testing center for the CLP and CLE practicum tests!

 

Ready for the challenge of the Certified Linux Professional, or Engineer, practicum tests?  If so then call today to schedule a test and show the world you have the skill to deploy, support, and manage Linux environments.

 

If you need to start training to take these tests please begin with Novell's Certification Website.  There you can begin learning about the steps required to earn these powerful certifications!

New Services!
The CKT Help Desk!
Email:
  helpdesk@ck-tek.com
Phone:  303-226-9066 ask for Help Desk!
Help Desk!
Answering your emailed or phoned support requests!


We now offer SSL certs for your secure server and web services!


SSL Partner