Outsourcing News and Tips

Conficker, the Internet worm that caused a panic reminiscent of Y2K late last month, but didn’t make anything serious, has finally woken up. At the end of the week the worm started to update itself via a peer-to-peer network between infected machines after downloading its payload from a server in South Korea.

It’s not clear how many machines were infected, but approximately the figures range from 9 million to 15 million.

While earlier variations of the Conficker worm prevented infected machines from accessing the servers of most antivirus companies, this new variant also blocks access to sites that offer tools for removing the worm like BitDefenders bdtools.net. This version of the worm includes an instruction that tells the worm to remove itself on May 3, but , it will keep a port open on these machines that will allow the hackers to get back into these computers at any time.

According to Symantec, Conficker downloads a variant of the well-known Waledac malware, which is one of the world's most active spambots. There are some speculations around here that Conficker was created by the same group of hackers that created Waledac.

Kaspersky Labs stated that Waledac will download a rogue antivirus application along with email-worm onto infected machines. The fake antivirus software will ask users to pay $49.95 for "Spyware Protect 2009," which, of course, is anything but an antispyware product.

Tags: outsourcing

This entry was posted on Friday, April 10th, 2009 at 6:28 pm and is filed under Outsourcing Information. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.