later date to maintain the
element of surprise, so to speak.
Haji Mas Zuraime bin
Haji Abd Hamid, Senior Operation Officer at the ITPSS,
said the Conficker C virus was the focal point of
discussions for at least two weeks at the Asia-Pacific
Computer Emergency Response Team (APCERT).
ITPSS is the appointed
national computer emergency response team (CERT) for
Brunei and is the country's pioneer in security
research, security-related products and services
pertaining to Intelligent Risk Management.
He said it was revealed
that the Conficker C virus so far does not contain
any ".bn" links, which is a good sign that the
virus has not invaded Brunei yet. However, he said there
is no confirmation of this yet and the virus may
eventually spread.
The worm first appeared
in late November, exploiting a vulnerability in Microsoft
Windows to spread unhindered on local area networks. Its
goal is to install rogue software on infected computers.
Microsoft issued a patch for the vulnerability, but
users who haven't installed it are open to infection as
the worm spreads through portable USB flash drives.
Two main variants of
the Conficker worm had been dealt with in the past,
dubbed Conficker A and B. The latest variant, C,
discovered on March 4, is an improved version. Variant C
creates an ad-hoc peer-to-peer network to push and pull
payloads over the wider Internet. This aspect of the
worm is heavily obfuscated in code and not fully
understood, but has been observed to use large-scale UDP
scanning to build up a peer list of infected hosts and
TCP for subsequent transfers of signed payloads. To make
analysis more difficult, port numbers for connections
are hashed from the IP address of each peer.
Haji Mas Zuraime said
the fact that it is generating an expanded list of
compromised domains makes it extremely difficult to
trace. It's not impossible but almost vulnerably
impractical, he told the Bulletin.
Akfash Latibu, a
Microsoft-certified trainer at TechDistribution, said at
the moment it is better not to search for the virus on the
Internet as a precaution because users may accidentally
and unknowingly download the virus through one of its
many links.
Experts in Brunei have
urged users to update their antivirus software, such as
those from Symantec and McAfee, and patch their Windows
operating system with the latest update while
implementing best security practices into their daily
computing routines.
Akfash said though
updating your Windows operating system might not make a
computer system completely immune to the virus that
keeps on improving itself, it is a necessary mitigating
step.
However, security firms
such as Symantec and McAfee said the public should not
panic or be alarmed.
Symantec said the worm
certainly is an issue of concern, but the probability of
a major Downadup-related cyber event on April 1 is not
likely. In reality, the author or authors of the virus
probably don't intend for this malware to get as much
attention as it has.
While McAfee said it
doesn't know the intent of the authors of the Conficker
worm, it is certain about one thing: They have
consistently improved the worm by adding new
functionalities and anti-debugging tricks with every
released variant.
According to PC
magazine, researchers have now found a way to identify
infected computers on the network. The technique works
by identifying unusual error messages that are generated
when infected computers are contacted over a network.
The report said that major enterprise security software
systems such as those from McAfee circle have been
updated with the new information.
--
Courtesy of Borneo Bulletin