Conficker worm updated to spread scareware
Friday, April 10, 2009
Web security experts have spotted a new variant of the Conficker computer worm they say has begun downloading additional software on infected PCs, including a new rogue anti virus product.
Experts said the new variant, Conficker.E, is designed to update the .C variant that went live on April 1, rather than the original .A version that first showed up late last year.
Not everyone agrees that the malicious code being detected belongs to Conficker, according to InformationWeek. Some security experts believe the new variant is more closely associated with the Waledac worm.
The Washington Post reported that the .E variant sets up a web server on the infected system that re-enables the worm to spread itself through the Microsoft Windows vulnerability that caused the outbreak.
The update also instructs the Waledac component to remove itself if the date is on or after May 3, 2009, according to security researchers, the Post reported.
One security expert told the Post that the scareware update means the cybercriminals responsible for the worm are getting around to trying to make some money from all of their work.
"There are still some unknowns here, but things are becoming a lot more clear," the expert said, according to the Post. "[I]t certainly seems they're making a move here to finally monetize all this effort."
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
