Conficker awakens . . .

Discussion in 'Apple, Inc and Tech Industry' started by *LTD*, Apr 9, 2009.

  1. *LTD* macrumors G4

    Joined:
    Feb 5, 2009
    Location:
    Canada
    #1
    http://www.cnn.com/2009/TECH/04/09/conficker.activated/index.html

    http://macdailynews.com/index.php/weblog/comments/20738/


    Windows Conficker worm awakens, updates via P2P, begins to drop payload; Macintosh unaffected

    Thursday, April 09, 2009 - 01:38 PM EDT

    "The Conficker worm is finally doing something--updating via peer-to-peer between infected [Windows PCs] and dropping a mystery payload on infected computers, Trend Micro said on Wednesday," Elinor Mills reports for CNET.

    "Researchers were analyzing the code of the software that is being dropped onto infected computers but suspect that it is a keystroke logger or some other program designed to steal sensitive data off the machine, said David Perry, global director of security education at Trend Micro," Mills reports.

    "The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised, according to Trend Micro. The software is heavily encrypted, which makes code analysis difficult, the researchers said," Mills reports.

    "On Tuesday night Trend Micro researchers noticed a new file in the Windows Temp folder and a huge encrypted TCP response from a known Conficker P2P IP node hosted in Korea," Mills reports. "In addition to adding the new propagation functionality, Conficker communicates with servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik Ferguson."
     
  2. Consultant macrumors G5

    Joined:
    Jun 27, 2007
    #2
    The virus controllers are really cautious. Maybe a plot to take over the world?
     
  3. diemos macrumors 6502

    Joined:
    Mar 6, 2009
  4. NT1440 macrumors G4

    Joined:
    May 18, 2008
    Location:
    Hartford, CT
    #4
    IT'S HULU!

    Everybody run! Seth MacFarlane & Alec Baldwin have access to your computer!
     
  5. liptonlover macrumors 6502a

    Joined:
    Mar 13, 2008
    #5
    In case there are any Windows users here, how does one remove the worm in case they have it? Does it require a clean reinstall, then manually moving wanted information back? I'd like to be able to warn my friends...
    Nate
     
  6. FX120 macrumors 65816

    Joined:
    May 18, 2007
    #6
    The worm was patched several months ago. If your computer is up to date, you're safe.
     
  7. localoid macrumors 68020

    Joined:
    Feb 20, 2007
    Location:
    America's Third World
    #7
    Reading Microsoft's page about the Conficker worm would be a good starting point...
     
  8. chrono1081 macrumors 604

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #8
    I've already had to remove this crap from computers at work. It's a pain in the @$$ and this was months ago. Hopefully no new stuff pops up.
     
