Well, it’s simple, you’re SCREWED, so just start the wiping and rebuilding process and don’t waste time trying to clean it up.  This is not one of those small time threats that you can clean up and rest well knowing that you’re ok. This is a new level of sophistication that took serious time, effort and though into creating and mapping out its deliverables.

So you scanned your system after hearing all this talk and alerts about this “serious threat” and now you’ve found something suspicious and you’re wondering what to do. Well, it’s not that you had blocked it nor was the system fully patched and the doors closed, it was already on the system and has already done its rounds of spreading and attaching itself to critical areas of the system. This kind of threat isn’t the kind that you can rest comfortably with (well I can’t/don’t) and I wouldn’t feel comfortable knowing that it is on a network of someone I converse with.

I mean, things do happen but there should be due diligence in your system security best practices and how they are handled prior to an issue like this.

Now comes April 1st and you’re wondering, oh my God, what am I going to do?

Well, you’re about to be activated and who know what your command, effects and impact will be.

I hope that this is more of a hoax than what I have concluded from my own personal analysis. Maybe it’s time you start being more proactive than reactive.

We’ll just have to wait and see.

IT Security IS a people problem, not an industry one.

The IT Security Attaché