Conficker is back and twisted


Remember Conficker, the virulent worm which caused such havoc at the start of the year? No, well maybe news headlines such as 'Virus sinks Royal Navy fleet comms' and 'Windows worm infects millions' might help jog your memory. Well hold onto your hats people, Conficker is back. And this time it comes with a new twist.

According to security specialists BitDefender the worm has not turned, but returned. Looking at the e-threat statistical report the company produces, I could hardly believe my eyes: sitting ugly on top of the most infected by charts was Conficker. In fact, of all the infected machines that BitDefender looked into during the month of August, Conficker (a.k.a Win32.Worm.Downadup) was sitting there staring back at them on a really quite staggering 43% of them. That puts it way out in front of other malware threats, with the second most prevalent infection (an Embarcadero Delphi built code injector called Win32.Induc.A) mustering a relatively meagre 15% share.

The latest Conficker variant has some new tricks up its virtual sleeve, such as not only being able to prevent access to IT security vendor websites as it always has but adding the installation of rogue security software onto the compromised machine. Highly profitable scareware scams have hit the headlines here at DaniWeb before, and Microsoft has had some success in hunting down the offenders. But the fact that Conficker is blocking access to legit software sites and leaving the door open to fake security solutions is a worrying turn of events.

The rest of the August threat list looks like this:

3. Win32.Sality.OG (polymorphic file infector)
4. Worm.Autorun.VHG (network worm)
5. Win32.Virtob.Gen (file infector written in assembly language)
6. Packer.Malware.NSAnti.1 (malware packing protection)
7. Win32.Worm.AutoIT.AC (keylogger dropper)
8. Win32.Sality.2.OE (dropped by Win32.Sality)
9. GEN:TDSS.Patched.1 (file dropper)
10. Win32.Worm.Downadup.Gen (worm exploiting MS08-67 vulnerability)

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Jonnas_tan 0 Newbie Poster

Not Conficker again! bad memories with this one here! hardly got rid of it!

happygeek 2,411 Most Valuable Poster Team Colleague Featured Poster

It's the scareware angle that worries me, you just know that's going to catch so many unsuspecting folks out.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.