Conficker Working Its Way Through the Alphabet

Ralph DeFrangesco

Last week, another variant of the Conficker worm was discovered, Conficker.E, by anti-virus vendor Trend Micro. The worm finally got the update we have all been waiting for since April 1, by its peer-to-peer (P2P) network. Again, security researchers are still not sure what the purpose of the worm is. However, now they do have insight as to what this variant will do. If you are infected with Conficker.E, Spyware Protect 2009 pops up, stating that you have malware installed on your computer and need to purchase a removal tool for $49.95. Such a steal for a product that does nothing! In addition, the worm installs the Waledac Trojan, which is a spam-based application that contains malicious links.

 

Users can test for the presence of the worm by going to any of the anti-virus vendor sites including:

 

Symantec

http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm

 

Microsoft

http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx


 

McAfee

http://www.mcafee.com/us/

 

I also found a very slick way of testing for the worm that you can share wit your users. The Conficker Eye Chart is an easy way for anyone to run a test for the worm. Click on the link and check the results:

 

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

 

 

The worm is fairly easy to remove. Here are several links to vendors that offer removal tools:

 

Symantec

http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99

 

Microsoft

http://support.microsoft.com/kb/962007

 

McAfee

http://www.mcafee.com/us/threat_center/conficker.html

 

Conficker is not going to go away any time soon. I hate to make predictions, but I am predicting at least a Conficker.I variant before it's all said and done. The only bright spot is that Conficker.E will uninstall itself by May 1, 2009.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.