April 1st – A good day to leave the computer off
Written by Dan Blacharski on March 17, 2009
April Fool’s Day has always been a favorite of Internet “pranksters”, hackers and disseminators of online evil. Reports are floating around that the Conficker worm’s latest variant will become active on April 1.
Conficker is designed to spread itself and grow a massive botnet, and the latest version, W32.Downadup.C, will further the aims of the worm’s creators. This version deactivates security processes on the victim’s PC, preventing some security products from running. It also prevents computers from connecting to some security Web sites, which matters because security software commonly “phones home” to update blacklists and other up-to-date anti-malware information. The latest version also generates thousands of domain names, which the zombified PCs use to check in for further instructions.
The new version of the worm, by registering so many domain names, attempts to foil the so-called “Conficker Cabal,” a Microsoft-led group which attempted to predict the domain names Conficker would register, and register them before Conficker had a chance to do so.
Conficker has spread widely, with some nine million infected machines, although to date it’s still a ticking time bomb that has yet to release its payload. So far, its main purpose has been to grow a botnet, and it’s been quite successful; what the authors plan to do with that botnet is still up in the air. There’s no question, though: Conficker is going to be a force to be reckoned with, and we haven’t seen the worst of it yet.


