By Jim Finkle

BOSTON, USA: Conficker, a malicious software program that has infected millions of computers could enter a more menacing phase on Wednesday, from an outright attack to a quiet mutation that would further its spread. 

Computer security experts who have analyzed the Conficker worm's code say it is designed to begin a new phase on April 1, and while it's unclear whether it will unleash havoc or remain dormant, its stubborn presence is rattling businesses with multimillion-dollar budgets to fight cyber crime.

Conficker, believed to reside on 2 million to 12 million computers worldwide, is designed to turn aninfected PC into a slave that responds to commands sent from a remote server that controls an army of slave computers known as a botnet.

"It can be used to attack as well as to spy. It can destroy files, it can connect to addresses on the Internet and it can forward your e-mail," said Gadi Evron, an expert on botnets who helps governments protect against cyber crime.

But like many security experts, he doubts Wednesday will see a big attack.

The virus has been powerful enough to attack infected computers for months by exploiting weaknesses in Microsoft's Windows operating system. Evron and several other analysts said Wednesday's change could simply give Conficker enhanced functionality, possibly making it more dangerous.

"This is the electronic equivalent of being told there is a major storm that has a 20 percent chance of hitting," said Mark Rasch, an executive at Secure IT Experts who spent 25 years prosecuting computer crimes at the U.S. Department of Justice.

"It's not time to hide in the bunker. But it might be prudent to look out the window," he added.

In February, Microsoft announced it was offering a $250,000 reward for information leading to the arrest and conviction of whoever is responsible for creating Conficker, saying the worm constituted a "criminal attack."

FEARS OF ID THEFT

Botnets are a major worry because they can surreptitiously steal identities, log sensitive corporate information, credit card numbers, online banking passwords or other key data users of infected PCs type on their keyboards.

The information is often sold to criminal rings.

"Most malware we see in this day and age is very concerned with stealing information and making money for the author," said Dave Marcus, a researcher with security-software maker McAfee Inc's Avert Labs.

Experts said Conficker's authors might gradually change the way it communicates to avoid attention and to prevent companies from putting in place safeguards such as those used to fight the worm since it first surfaced last year.