1

Remember Conficker, the virulent worm which caused such havoc at the start of the year? No, well maybe news headlines such as 'Virus sinks Royal Navy fleet comms' and 'Windows worm infects millions' might help jog your memory. Well hold onto your hats people, Conficker is back. And this time it comes with a new twist.

According to security specialists BitDefender the worm has not turned, but returned. Looking at the e-threat statistical report the company produces, I could hardly believe my eyes: sitting ugly on top of the most infected by charts was Conficker. In fact, of all the infected machines that BitDefender looked into during the month of August, Conficker (a.k.a Win32.Worm.Downadup) was sitting there staring back at them on a really quite staggering 43% of them. That puts it way out in front of other malware threats, with the second most prevalent infection (an Embarcadero Delphi built code injector called Win32.Induc.A) mustering a relatively meagre 15% share.

The latest Conficker variant has some new tricks up its virtual sleeve, such as not only being able to prevent access to IT security vendor websites as it always has but adding the installation of rogue security software onto the compromised machine. Highly profitable scareware scams have hit the headlines here at DaniWeb before, and Microsoft has had some success in hunting down the offenders. But the fact that Conficker is blocking access to legit software sites and leaving the door open to fake security solutions is a worrying turn of events.

The rest of the August threat list looks like this:

3. Win32.Sality.OG (polymorphic file infector)
4. Worm.Autorun.VHG (network worm)
5. Win32.Virtob.Gen (file infector written in assembly language)
6. Packer.Malware.NSAnti.1 (malware packing protection)
7. Win32.Worm.AutoIT.AC (keylogger dropper)
8. Win32.Sality.2.OE (dropped by Win32.Sality)
9. GEN:TDSS.Patched.1 (file dropper)
10. Win32.Worm.Downadup.Gen (worm exploiting MS08-67 vulnerability)

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

2
Contributors
2
Replies
3
Views
8 Years
Discussion Span
Last Post by happygeek
0

It's the scareware angle that worries me, you just know that's going to catch so many unsuspecting folks out.

Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.