LifeLock Blog

April Fools day is over, and the Conficker is out of the headlines, but that doesn’t mean it’s gone.

Conficker is still reaching out to 500 more websites every day, and the infected computers are still talking to each other through peer-to-peer protocol (p2p, just like file-sharing application LimeWire), but so far they don’t seem to be chatting about much more than the weather.

The real damage will come when the Conficker worm receives its next command, but nobody knows for sure yet what that will be. Expectations are that Conficker is a mashup of sophisticated malware, bent on massive identity theft.

There is, however, a chance that Conficker’s mission is more sinister. France’s Navy’s computer network was infected in January, resulting in the grounding of aircraft at several bases. As well, the U.K. Ministry of Defense was hit especially hard, with administrative desktops and Royal Navy submarines infected. Another 800 computers in hospitals in Sheffield also reported infection.

The Conficker Working Group (CWG) estimates—broadly—that somewhere between 3 million and 15 million computers are infected, but only 6% of them are in North America. Vietnam, Brazil, the Philippines, Indonesia and Algeria have been hardest hit.

The CWG, a task force comprising 27 tech companies including Microsoft, McAffee, Facebook, Kasperky and Symantec, warns that 30% of computers running on the Microsoft operating system aren’t protected with the latest Conficker protection patches; those are the computers most at risk of infection.