PCs infected with the latest version of the Conficker worm could run into problems on April Fools' Day, according to security firm Computer Associates (CA).

The third Conficker malware variant in infected machines, first discovered by Symantec last week, will activate April 1, said CA's director of threat research, Don DeBolt.

"It's set to go off April 1, 2009 and Conficker will generate 50,000 URLS daily," said DeBolt. Generating that many URLs is a way to hide where it may be calling to download instructions from those who designed it to infected machines. It's not known exactly what those instructions might be but it could involve downloading more malicious code or destroying files.

CA says it has some ideas about where Conflicker originated but isn't discussing that at present.

Network World