Thursday, April 9

New Updates Conficker - April 9th

As expected, the conficker worm has continued it subtle updates and is using the newly acquired p2p functionality to do it. In addition it also appears to update the payload functionality and may also be actively defending itself by affecting the availability of the conficker working group site.

Researchers are looking at the new code and initial analysis points to key-logger software and new protection mechanisms. I think most security professionals would serve their clients well by keeping up to date on this.

UPDATE:

It looks like the code is starting monetize, by installing a scamming anti-virus software package which costs you $49.99, and in some cases installing spamming relay software. There are also reports that it is set to delete itself on May 3rd (I'm skeptical about this one).


Time for law enforcement to do their job and follow-the-money!
Post a Comment