The Conficker Worm: What Happens Next?

60 Minutes: Computer Worm Could Receive New Instructions On April 1

A correction: 60 Minutes made a mistake in using a photograph in our story called "The Internet is Infected." The picture was described in the story as a group of young Russian computer hackers which was inaccurate. The picture, provided to us by an Internet security company, had appeared on a Russian hacker magazine Web site.



The Internet is infected. Malicious computer hackers have been creating more and more weapons that they plant on the Internet. They call their weapons viruses and worms - they're creepy, crawly toxic software that contaminate our computers without our ever knowing it. You can be infected by simply visiting your favorite Web site, or just by leaving your computer on, overnight while you're asleep.

And the problem is growing, exponentially. Last year the number of infections tripled. And an entire industry of computer security professionals is in a race to keep the hackers from their goal, which is usually to steal your money.

One of the most dangerous threats ever, a computer worm known as "Conficker," is spreading through the Internet right now. By some estimates, 10 million computers have been infected worldwide.

CNET Conficker FAQ


How to protect your computer

At Symantec, the company that makes Norton anti-virus software, engineers have been tracking Conficker since last November as it worms its way across the globe.

"This map is showing a visual representation of where all of the known infections of Conficker are across the world," explained Steve Trilling, a Symantec vice president who says the worm is now living on millions of computers, mainly in corporations.

So far, the bad guys who created it haven't triggered Conficker. It's just sitting out there like a sleeper cell.

"Imagine a network of spies that has infiltrated a country. And every day, all of the spies are calling in for their instructions on what to do next," Trilling explained.

Asked what the worm is being asked to do, Trilling told Stahl, "That's the interesting thing. The only thing the worm is being asked to do is to ask for further instructions."

For several months, Trilling says the worm has just been sitting there, awaiting instructions,

It's that ominous, because once the hackers issue instructions, Conficker could turn menacing in an instant.

With one click, the worm's creator can instruct it to suck sensitive data, like bank passwords and account numbers, out of millions of computers, or launch a massive spam attack to clog up the works.

The newest targets of worms are social networking sites. Trilling demonstrated to Stahl how it might work.

Looking at a real Facebook page, Trilling explained, "We added your friend and colleague Morley Safer, you can see down there on the left."

He says a worm can crack into a Facebook account, like Morley's, and send a message to anyone on his friends list.

It's a message a friend or colleague, like Stahl, would be sure to open since it comes from a trusted friend. Stahl took the bait and clicked on what looked like Morley's video link.

"Something looks a little off," Trilling remarked. "You're already infected."

As Trilling demonstrated on a second screen, the hacker "owned" Stahl's online movements. "From here on out, everything you do, gonna show up on the hacker's machine," he explained.

So when Stahl typed her username and password into a bank Web site, it appeared instantaneously on the hacker's screen, along with her bank account details.

"Every single keystroke you hit, in fact, if you make a mistake and hit a backspace, that shows up in the window," Trilling explained.

The hacker then followed her around, as she browsed the Internet from CBS News to Amazon.com.

"So, if I buy something, they're gonna have my credit card," Stahl remarked.

"Everything you type in, your address, your credit card, it's all gonna show up in that window," Trilling warned.

The Internet has become a minefield. Hackers have hidden their malicious software known as "malware" on some of the most trusted Web sites, like eBay, the Miami Dolphins football team, even my.barackobama.com.

Trilling says too few people have top-notch, up-to-date security software.

"There is something that would have prevented me from answering Morley's message. Or I would never have gotten Morley's message?" Stahl asked.

"As soon as you clicked on that link and you had security software, you would immediately get an alert. 'This is a bad Web site.' And it would have blocked the attack. You would have never been hit. Putting on that software, you're preventing yourself from becoming a victim," Trilling advised.

  • CBSNews

60 Minutes App

New Look. New Season. The 60 Minutes app for iPad, iPhone and iPod Touch!

More from 60 Minutes