Malware Bomb
Home Malware Sleeper Virus – Downadup or Conficker Worm Warnings

Sleeper Virus – Downadup or Conficker Worm Warnings

by Brett M. Christensen

This story was first published in January 2009. 

Back in 2009, messages that circulating via email, blogs, and online communities were warning computer users about a “sleeper” virus dubbed the “Downadup” or “Conficker” worm. 

These warnings were true although some media reports about the potential consequences of a supposed April 1st 2009 launch of the sleeper virus tended to be exaggerated.

According to CNN and other news outlets, the worm exploits a bug in Microsoft Windows that allows it to infect computers linked via corporate networks. Once installed, the worm can potentially allow hackers to take control of the infected computers.

The worm has caused concern among computer security experts because it is so widespread with large infections detected in the US, Asia and Europe. So far, however, the worm is yet to cause any harm to the infected networks, hence its designation as a “sleeper”. A January 16 2009 article on CNN noted:

It is the most serious large scale worm outbreak we have seen in recent years because of how widespread it is, but it is not very serious in terms of what it does. So far it doesn’t try to steal personal information or credit card details.

An article published on CRN.com explained:

Like other malware, the worm known as Conficker or Downadup is a blended threat, relying upon a variety of attack vectors, which range from brute-force password guessing to hitching rides on USB sticks, in order to replicate and spread throughout a network. However, what experts say makes this worm unique is the rate of speed at which it replicates.

Although the potential threat is certainly real, computer security experts suggest that some media reports surrounding the supposed “launch” of the worm on April 1st 2009 tend to seriously exaggerate its potential consequences. Some of the more sensational reports claim that on April 1st hackers will be able to take control of millions of computers around the world with potentially devastating results. 

In spite of these reports, computer security experts are telling computer users there is no need for panic. An article by security expert Joe Stewart published on the SecureWorks research blog noted:

If you’ve been reading any news at all on the Internet in the past week, you’ve probably heard that Conficker Armageddon is approaching, and it’s scheduled for April 1st, only a few days from now. The SecureWorks Counter Threat Unit has been receiving an increasing number of inquiries asking what one needs to do to prepare for the impending April 1st outbreak.

The truth is, there will be no April 1st outbreak, despite what some of the press stories have said so far. The only thing that will happen with Conficker on April 1st is that already-infected systems will begin to use a new algorithm to locate potential update servers. There, that’s not so scary, is it?

Stewart’s take on the issue is confirmed by other security experts:

Despite the hype surrounding the April 1 “launch” for the Conficker, or Downadup, worm, security experts from Symantec and McAfee say there’s little to worry about. Although the authors of Conficker have consistently improved the worm, the media attention makes a criminal move on April 1 unlikely. Security best practices should protect most PCs. Despite security analysts insisting that April 1 is only a red herring, the Conficker malware hype keeps growing as April Fools’ Day approaches. Indeed, the doom and gloom is persisting even as security researchers offer a voice of reason.

Users of Microsoft Windows should ensure that the latest Windows security updates are installed on their computers.

Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer