Spin Valley Post

Conficker, the Internet worm that caused a mild panic reminiscent of Y2K late last month, but which failed to do anything spectacular that would have warranted the breathless coverage on 60 Minutes (”The Internet is Infected”), has finally woken up. This morning, the worm  started to update itself via a peer-to-peer network between infected machines, after downloading its payload from a server in South Korea.

Sponsor

It is not clear how many machines were infected with this worm, but estimates range from 9 million to 15 million.

While earlier variations of the Conficker worm prevented infected machines from accessing the servers of most antivirus companies, this new variant also blocks access to sites that offer tools for removing the worm like BitDefenders bdtools.net.

Oddly, the Conficker worm now also includes an instruction that tells the worm to remove itself on May 3 (the hackers clearly like deadlines), though after that, it will keep a port open on these machines, that will allow the hackers to get back into these computers at any time.

The Big Picture: Spyware, Spambots, Pop-Ups

According to both Trend Micro and Symantec, Conficker, after downloading its update, also downloads a variant of the well-known Waledac malware. Waledac is one of the world’s most active spambots.

Security researchers are still trying to understand the connection between Waledac and Conficker’s new E variant (only a small number of antivirus products can currently detect this version of Waledac, by the way). Some, however, speculate that this connection could mean that Conficker was created by the same group of hackers that created Waledac and its predecessor, the infamous Storm botnet.

Business Model?

According to Kaspersky Labs’ Alex Gostev, Waledac will download a rogue antivirus application onto infected machines, as well as an email-worm that can steal data and send spam. The fake antivirus software will ask users to pay $49.95 for “Spyware Protect 2009,” which, of course, is anything but an antispyware product.

Protect Yourself (and others)

Of course, if your Windows machine is up to date and if you have kept your antivirus software up to date, chances are very good that you are well protected against Conficker.

If you want to learn more about Conficker and how to protect yourself, have a look at this list of resources we put together last month. If you want to see if you are infected, head over to this site from the University of Bonn.

Discuss

Related posts:

1. 7 Resources to Help You Prepare for Conficker’s D-Day <img alt=”conficker_mar_09.jpg” src=”http://spinvalleypost.com/wp-content/plugins/wp-o-matic/cache/81f6a_conficker_mar_09.jpg” width=”89″ height=”106″ Conficker a.k.a. Downadup, is causing...
2. Twitter VC Laughs at the Idea that Twitter Has No Business Model Todd Dagres, founder of Spark Capital and one of the...
3. Jeremy Toeman Finds a Traditional Business Model in a Web 2.0 World These days it’s all about making your free web site...
4. Tatango Launches Version 2.0; Announces New Business Model Tatango, the Seattle, WA-based easy-to-use group text messaging platform has...
5. New Business Model In Hand, Tagga Raises $400,000 Last August we wrote about Tagga, a new SMS service...

Related posts brought to you by Yet Another Related Posts Plugin.