We're still not sure if the reason that Conficker infected machines are all quiet so far is because nothing has been triggered, or because whatever has been triggered is so hush-hush, that we're just not aware that it is happening even!

If it's really low-key, the owners of infected machine might not notice (see Article "Will the conficker "event" go unnoticed by those infected?" Yesterday).

What is known is that a few "small" events have happened - Big Ben, the clock in Parliament Square, London, UK was affected, and the time was apparently changed on the famous clock.

Another attack was noticed at a Nuclear Missile base which triggered a full scale military alert - signs that I was indeed correct that our security might be compromised when questioned on the radio (600KCOL in Loveland, CO) yesterday.

So do we still expect a MAJOR EVENT?!??!

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 06:51

Whether tomorrow is a day in cyber-crime history or not, we are predicting that even the infected machine owners will probably not notice anything different from the 31st of March.

As you may know, industry experts are predicting that April 1st 2009 will be a cyber-crime bonanza unleashed by the owners of the Conficker trojan/worm combo. Those who are already infected have probably already had their financial information compromised - and their PCs will already be sitting waiting for their instructions on what to do next.

There are a number of things that could be set in motion:

1. mass destruction of personal data on the host computers - this is the LEAST likely outcome.

The owners of this botnet are not going to trigger a self implosion of their own greatest "asset" - they need these computers to remain infected, and to continue to do their bidding.

2. Massive amounts of UCE (unsolicited commercial email)

Most botnet owners rent their bots in blocks to people who are in the UCE or spam business - these people send out bulk email which is the regular junk email you get on a daily basis. The more successful owners of these botnets do it in a drip-feed manner - that way if it is your machine that is infected, you would not notice the resource drain, or the slow-down on your internet connection. By being crafty and stealing only a few cpu cycles, or a little of your bandwidth- you are less likely to run cleanup programs and remove your computer from the bot collective.

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 12:50

Cybercriminals have been exploiting an unsigned message asking users whether they trust a file download for a diagnostic patch called PIFTS.exe from Symantec for Norton Anti-virus.

The file was distributed without a signature for three hours on Monday to users running Norton's 2006 and 2007 versions. When users began posting blogs questioning the file’s legitimacy, cybercriminals caught on and began poisoning results so that malware sites would turn up higher in search results for PIFTS.exe.

Posted by Greg Hewitt-Long in Adware, Spyware and Trojans at 12:03

Appointments for cancer patients had to be rescheduled after a computer virus infected the networking systems at two Scottish hospitals last week.

The infection of laboratory PCs at the Stobhill and Gartnavel General hospitals meant the bookings of 12 patients attending the Beatson West of Scotland Cancer Care Centre in Glasgow were postponed, The Glasgow Herald reports. Systems were taken offline for two days to allow computer technicians to clean up the mess.

The Herald compares the outbreak to the infection of systems at three London hospitals by the MyTob worm four months ago. The malware outbreak at St Bartholomew's, the Royal London Hospital in Whitechapel and The London Chest Hospital meant ambulances had to be briefly sent to other hospitals and meant that some appointments had to be rescheduled. In a small number of cases, medical staff had to fall back onto pen and paper backup systems. An independent review concluded the outbreak was "entirely avoidable".

Posted by Marjorie Dare in Adware, Spyware and Trojans at 16:47