INSECURITY EXPERTS have admitted that the Conficker worm has baffled them.
The worm has infected more than five million computers in a botnet that could take out the Internet in some countries. The Sydney Morning Herald said Conficker was powerful enough to shut down the Internet in Australa, if the current government does not do it with its censorship software first.
Rodney Joffe, a director of the Conficker Working Group formed to defeat the worm said, "The general agreement in the security world is that Conficker is the largest threat facing us from a cyber crime point of view."
The worm, which spreads rapidly among personal computers by exploiting a flaw in Microsoft Windows, first surfaced last November.
According to Joffe, "it has proven to be extremely resilient. It's almost impossible to remove."
Infected PCs are dragooned into a "botnet" controlled by the Conficker worm's unknown authors, which security researchers fear could be used to launch cyber attacks over the Internet.
Conficker had built-in mechanisms to prevent people from scanning their computers with anti-virus software.
The worm also spreads without the users having to do anything other than switch on their computers.
If a network admin can disinfect 99 machines out of 100 and one is still infected, it will begin to try to reinfect the others again.
While other botnets are destroyed by disabling the command server, with Conficker the location of this server changes every day and state-of-the-art cryptography means it's almost impossible to crack.
"The best minds in the world have not managed to crack the code behind this yet," Joffe said. µ
But it might never see the light of a PC bay
It's nothing we haven't seen before, but it's still the best iPhone yet
Firm gives scanner flaw the finger
Ermine is the same but stoat-ally different