Conficker awakens . . .

Discussion in 'Apple, Inc and Tech Industry' started by *LTD*, Apr 9, 2009.

  1. *LTD* macrumors G4


    Feb 5, 2009

    Windows Conficker worm awakens, updates via P2P, begins to drop payload; Macintosh unaffected

    Thursday, April 09, 2009 - 01:38 PM EDT

    "The Conficker worm is finally doing something--updating via peer-to-peer between infected [Windows PCs] and dropping a mystery payload on infected computers, Trend Micro said on Wednesday," Elinor Mills reports for CNET.

    "Researchers were analyzing the code of the software that is being dropped onto infected computers but suspect that it is a keystroke logger or some other program designed to steal sensitive data off the machine, said David Perry, global director of security education at Trend Micro," Mills reports.

    "The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according to Trend Micro. The software is heavily encrypted, which makes code analysis difficult, the researchers said," Mills reports.

    "On Tuesday night Trend Micro researchers noticed a new file in the Windows Temp folder and a huge encrypted TCP response from a known Conficker P2P IP node hosted in Korea," Mills reports. "In addition to adding the new propagation functionality, Conficker communicates with servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik Ferguson."
  2. Consultant macrumors G5


    Jun 27, 2007
    The virus controllers are really cautious. Maybe a plot to take over the world?
  3. diemos macrumors 6502

    Mar 6, 2009
  4. NT1440 macrumors G4


    May 18, 2008

    Everybody run! Seth McFarlin & Alec Baldwin have access to your computer!
  5. liptonlover macrumors 6502a

    Mar 13, 2008
    In case there are any windows users here, how does one remove the worm in case they have it? Does it require a clean reinstall, then manually moving wanted information back? I'd like to be able to warn my friends...
  6. FX120 macrumors 65816


    May 18, 2007
    The worm was patched several months ago. If your computer is up to date, you're safe.
  7. localoid macrumors 68020


    Feb 20, 2007
    America's Third World
    Reading Microsoft's page about the Conficker worm would be a good starting point...
  8. chrono1081 macrumors 604


    Jan 26, 2008
    Isla Nublar
    I've already had to remove this crap from computers at work. Its a pain in the @$$ and this was months ago. Hopefully no new stuff pops up.

Share This Page