The evolution of the multi-faceted Conficker worm is expected to take another turn this May 5th when the latest version, Conficker.E, will simply self-destruct on infected machines, say a number of security researchers.
F-Secure, Trend Micro and SecureWorks are among those that believe Conficker.E—first spotted just this April and probably created by the same attackers that since last fall let loose the Conficker.A through Conficker.C variants—has been designed to simply self-detonate on May 5th.
“It will simply self-destruct,” says Mikko Hypponen, chief research officer at F-Secure, pointing out that researchers, who had been arguing over name for variants, agreed to skip past the name “Conficker.D” entirely to settle on the name “Conficker.E.”
http://www.networkworld.com/news/2009/0 ... -worm.html
What would be their motivation to do this? If you have gained ground, why give it up? Why not have it pull updates and continue on?
My best guess is the authors authors just want to get drunk on Cinco de Mayo and they don't want to worry about it that day or the next then they have severe hangovers.
Anyone else have a better conspiracy theory?