Trend found that the update was a version of the Waledac family of spam Trojans. They later determined the file had been placed there via Conficker's built-in peer-to-peer (P2P) communications capability, which allows large groupings of infected systems to hand off software updates and instructions being pushed out by the worm authors. Researchers at Trend Micro reported the first stirrings of Conficker.C on Wednesday, when they noticed a new file show up in the temporary director of a number of test machines they'd infected with the worm. The rogue anti-virus software, however, was not the only piece of rubbish to be sent to Conficker infected systems this week. In its bi-annual security report released this week, Microsoft cited rogue anti-virus as one of the most prolific and fastest-growing threats facing Windows users today. Many affiliates were making six-figure paychecks each month distributing this worthless software by various means, all of them extremely sneaky if not downright illegal. As I noted last month, this was a site where distributors of rogue anti-virus products would go for the latest programs and links to the latest download locations. The first version of Conficker contained within its genetic makeup instructions telling infected systems to visit a site called. This development adds an interesting wrinkle. Of course, this service comes at a price - $49.95." Kaspersky reports that the rogue anti-virus product is being downloaded from a Web server in Ukraine. Today, however, that mystery evaporated, as anti-virus companies reported seeing Conficker systems being updated with SpywareProtect2009, a so-called "scareware" product that uses fake security alerts to frighten consumers into paying for bogus computer security software.Īccording to Kaspersky Labs, once the scareware is downloaded, the victim will see the usual warnings, "which naturally asks if you want to remove the threats it's 'detected'.
Since its debut late last year, the collection of hundreds of thousands - if not millions - of systems sick with Conficker has somewhat baffled security researchers, who are accustomed to seeing such massive networks being used for money-making criminal activities, such as relaying junk e-mail. Security experts nervously watching computers infested with the prolific Conficker computer worm say they have begun seeing infected hosts downloading additional software, including a new rogue anti-virus product.
0 kommentar(er)
