I have a pretty good feeling that on April 1, the joke will be on us.
Us, being the media, which has flocked to news that on Wednesday, Conficker's
code is programmed to contact some 50,000 websites for more instruction -- which conceivably could give the millions of compromised machines the power to do almost anything. The major news outlets are fully on board
with this story, because, after all, who doesn't love to report on a doomsday scenario
(SC Magazine is planning its "What will happen?!?!" expose next week).
The possibilities are real, of course, if the botmaster really got serious about what is under his (her?) control. A massive DDoS attack could be launched. A mega spam campaign could be unleashed. Historic amounts of confidential data could be hijacked.
Or, perhaps, searchable and sellable data -- as one researcher told The New York Times:
What if Conficker is intended to give the computer underworld the ability to search for data on all the infected computers around the globe and then sell the answers?
While I'm one to typically fall for the hype -- or at least Armageddon prognostications
-- this one I'm not buying. I'm going with the prediction of SophosLabs Global Director Mark Harris who told me today that he thinks next Wednesday brings nothing more than infected machines getting an updated version of the worm.
That's what I'm betting on.
Then again, I'm not really the best gambler. I had UCLA going Final Four. Maybe we should ask this guy
what he thinks.