As expected, Conficker stays quiet

The much-hyped Conficker botnet has passed its April 1st update mark without causing any major incident.

Researchers said on Wednesday that though the infected machines did appear to attempting contact with an update server, no other activity stemming from the infections had been reported.

"We had several readers contact us over the past 24 hours with some minor impact but so far no reports of anything newsworthy," Sans researcher Marcus Sachs said in a blog posting Wednesday morning.

"Many organisations have been proactive about scanning their systems and finding either unpatched or Conficker-infected computers that were subsequently removed for repair."

The day provides a rather anti-climactic end to what some had predicted would be a major computing crisis.

When news emerged that machines infected with the Conficker.C worm would be connecting to a control server on April 1, many speculated on a possible attack.

That speculation picked up further steam when large news outlets picked up the story and some pundits predicted that the update could trigger a catastrophic series of attacks.

Those charged with researching and analysing the worm, however, suggested that the update would likely be a non-event.

Experts noted that the criminals who owned and operated the botnot would not want to risk losing the valuable network by triggering a major attack.

"Setting an attack to happen in the future and leaving the specifics of that attack in plain sight mostly serves to give everyone a chance to prepare for t he attack and defend against it," noted 451 Group analyst Paul Roberts.

"It’s kind of like those hopelessly complex executions in the James Bond films. Why tie the guy to the table then wait for 30 mintues for the laster to cut him up? If you want Bond dead, just shoot him in the head execution style and be done with it?"