Conficker Computer Worm 'Tamed'?

New software detects "doomsday" computer worm.

ByABC News
March 31, 2009, 11:57 AM

March 31, 2009— -- The Conficker computer worm -- even if it does nothing much to the world's computer networks -- seems to have created an international state of anxiety. But some computer scientists say they may have the bug under control.

"We pulled off a bit of a coup," Dan Kaminsky, a computer security specialist for the firm IOActive, wrote in an e-mail to us.

What did they do? Well, Conficker, sophisticated as it may be, is really nothing more than lines of code -- letters and numbers, written by hackers -- which Kaminsky and colleagues have been able to read and probe for mistakes. Over the weekend, they report, they were able to create a detection tool that would show computer network operators if their systems had been infected.

"We saw an opportunity to manage the risks that Conficker introduces in a clean, straightforward manner, with just a little bit of work over a weekend. I'm pretty happy it worked out!" said Kaminsky.

You may recall that computer engineers said Conficker seemed quite sophisticated for a piece of so-called "malware." It is not, strictly speaking, a computer virus; instead, it seems designed to get stealthily into people's machines and take control of them en masse -- though just for what, is unclear.

Once it infects a computer, it contains instructions to contact some faraway command center for further instructions April 1. More than one engineer thought it was possible the whole thing was an elaborate April Fool's joke -- though if so, its creator, or creators, went to an awful lot of trouble for very little.

Kaminsky was among the more sanguine members of the "Conficker Cabal," the loosely knit team working on the problem. (They've since renamed themselves the Conficker Working Group.) He thought it quite possible that on April 1, the world would wake up to -- well, to nothing. People called it the "doomsday virus," but Kaminsky said if all those infected computers did, in fact, receive commands from somewhere, they would not exactly explode all at once.