Thursday, April 16, 2009

Conficker virus evolves to spam and steal data

The Conficker worm (also known as Downadup and Kido) has been with us since October 2008, yet we still don’t know what the ultimate aim of the virus is. However, a new variant now spreading via peer-to-peer suggests that Conficker is set to evolve and start spamming and stealing sensitive data. In other words, it’s a nasty little thing to have on your computer.
Conficker is a particularly nasty worm which works by exploiting a bug in the Windows operating system. Microsoft issued an urgent security update to fix the problem and plug the hole soon after the worm was discovered. The problem is that once a machine is infected, the virus prevents you from updating your system: Windows itself and, in a lot of cases, anti-virus software too.
Once installed on a system, Conficker communicates with various domains on the Internet and updates itself. There was intense speculation that the Conficker worm would deliver its payload and start wreaking havoc on April 1. However, that date came and went without incident.
Here we are a week later and the thing has come alive with a vengeance. According to CNET, things started to happen on April 8, and the result has helped security analysts connect Conficker with a botnet called Waledac. If the two are linked as supposed, it would mean Conficker is likely intended both to spam infected users and to steal their data, such as bank details.
The new Conficker Variant.E updates Variant.C with encrypted software. The update is being rolled out gradually so as not to alert people to the presence of the virus or of the new installations. Researchers aren’t yet aware of what the payload is, but they have concluded it’s linked to the well-known Waledac virus.
Waledac is a malicious program that turns PCs into spam relays, steals data, and opens up the computer to remote operation. This suggests the two programs were created and are being spread by the same people, and gives clues to Conficker’s ultimate aim.
Despite the publicity surrounding Conficker, how to detect it, and how to remove it, an estimated one to two million PCs are thought to be infected. With the virus starting to evolve in order to do the damage that’s been planned, now is the time to safeguard yourself. Download and install Security Update MS08-067 and run the latest Malicious Software Removal Tool to ensure your system hasn’t been compromised.
