Like a city besieged by a wannabe criminal announcing his next act, the cybersecurity industry is in a wait and see mode to see what the Conficker worm (also known as Downadup) will deliver on April Fool’s Day.  

Security researchers are monitoring this latest viral scourge and estimate between 5 and 10 million computers are already infected. But as with many modern Trojans or “bots”, most people won’t even know they are infected. The way your computer “might” be infected is via Windows operating system vulnerabilities. For those global customers using pirated or illegal copies of Windows software, this is your wakeup call to get on board and use the “right stuff.” One of the things this software does is disable your computer’s ability to get updates from Microsoft. You should check to make sure you are receiving the latest patches and updates.

Most consumers get enormously frustrated by reports of these widespread virus and malicious threats.

“Who created this?” and “What is their motivation?” are the first questions I hear. Usually the next question is “Will they get caught?” While we don’t yet know who is behind this, there is more possibility we’ll nab the bad guys/girls because a group of cybersecurity researchers are banding together on this one, motivated by a $250,000 bounty offered by Microsoft Corporation.

What’s also frustrating is though the researchers can tell the software will act on April 1 (that’s called the “payload”) it’s anyone’s guess as to what the software will actually do. It has the ability to take command from a remote controller or “master” and the range of harm could be a full wipe of the victim’s computer or interruption of normal activities to installing spy software that monitors keystrokes. We may get our best clue at possible intentions from looking at previous versions of this scourge.

Considering the payload of earlier variations of Conficker (this new one is called variant “C”), it’s possible that on April 1^st victims will be seeing pop-up messages and alerts encouraging them to purchase fake antivirus spyware with unusual names like “XP AntiVirus”. That implies the primary motivation for Conficker is to make money by selling this fake software.

Smart computer users can stay away from this criminal April Fool’s joke by checking their computer’s updates, using strong security software (and keeping that up-to-date) and not falling for “too good to be true” offers for the latest security software from vendors you’ve never heard of.  It’s also a best practice to run your backup program today to make sure April 1^st doesn’t become the day you realized your taxes wouldn’t be done in time because your computer got fried by a worm.