The third Conficker malware variant in infected machines is set to activate April 1, says the director of threat research at CA where the malware sample first discovered last week by Symantec is being examined.
"It's set to go off April 1, 2009 and Conficker will generate 50,000 URLS daily," says Don DeBolt, CA's director of threat research.
Generating that many URLs is a way to hide where it may be calling to download instructions from those who designed it to infected machines. It's not known exactly what those instructions might be but it could involve downloading more malicious code or destroying files. (Learn how to protect your systems.)
Antivirus vendor Symantec has also warned of a third wave of Conficker attacks.
CA says it has some ideas about where Conficker originated but isn't discussing that at present.
This story, "New Conficker Expected April 1" was originally published by Network World.