Who is the April Fool?

I kept telling everyone to worry about being secure, not about Conficker. Some people listen, some don’t. So what happened over about the past 24 hours?

According to ESET’s ThreatSense.Net, by about 2 PM GMT on April 1st, of the top 20 threats encountered by our users in the past 24 hours, four out of five of them were NOT Conficker. About 16.17% of the threats were online game password stealing threats. Another 21.5% were threats that were not Conficker and were trying to use Autorun to infect computers. 9.72% of the threats were something we call Win32/Agent, which tries to steal data from your computer. Yes, 80% of the risk was not Conficker but 99% of the attention was on Conficker. Does that make sense to you? Can you imagine crossing the street and ignoring 4 out of 5 cars? Do you think you’ll live long?

If you are taking the proper precautions to protect against those other threats, then Conficker is not an issue. Dedicated Conficker detection tools are really pretty silly to the rational mind. If you go to the doctor with typhoid, malaria, smallpox, and measles, do you really want the doctor to only check to see if you have the flu? You’d sue for malpractice, so why be as negligent with your computer?

One other thing….. The version of Conficker that has the April 1 trigger does not appear to spread. It appears to only affect machines that are already infected. More on that in a later blog.

If you’re scanning for Conficker instead of for all malware then that is the real April fool’s joke!

Hype is free, why buy it?

Randy Abrams

Author ESET Research, ESET

  • Zoltan

    I would recommend and excellent book about hype, fear-mongering and the “news generation machine” of mainstream media. That is “The Science of Fear” from Daniel Gardner, just finishing it up reading and recognized the Conficker story as a very typical example of how focus is distorted as you are pointing it out in previous posts.

  • http://www.seo-webz.com Slatz

    Randy, I agree, the hype was astronomical on conficker. I have to admit I wrote a couple of articles about it just to cash in on some traffic to see if I could sell some of your anti virus product.

    You have to admit the extra traffic is nice. The best thing about the whole thing is people are listening and disabling autorun the proper way, so not all is a lost cause.

    • Randy Abrams

      I’d much rather see people buy securiy products because they are informed than hyped. A fearful purchaser learns nothing of security and security is a lot more than installing software.

  • http://whatareyouwatching.uni.cc Television Voyeur

    I agree way too much hype and paranoia. I’m still waiting to see the overall effect. I blame the news channels mostly, they’ve been working out and really scaring people about this – and other *let’s just say anti-virus companies* are trying to push their products with this scare.

  • Josh

    I agree, people need to protect their computer, do their updates and stop get fearful of the talk heads on TV!

    BTW, I love your anologies!

    -josh

  • jcanto

    “A fearful purchaser learns nothing of security and secuirty is a lot more than installing software.”. Amen!

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic
01 Apr 2009
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.