Skip to navigation
Latest News

Conficker finally wakes up

 
Gallery

By Barry Collins

Posted on 9 Apr 2009 at 08:51

More than a week after the 1 April scare passed without incident, the Conficker worm finally appears to be active.

Researchers at Trend Micro have spotted the worm updating via peer-to-peer nodes and dropping a payload on to infected machines.

It's still not clear exactly what the payload is doing, although it's suspected to be connected to the Waledac family of malware, which has been used in the past to build huge botnets and steal data from infected PCs.

The Trend Micro blog reports that the new variant runs in random file/service names, and then deletes itself afterwards, leaving no trace behind.

The researchers claim the file also connects to the MySpace, MSN, Ebay, CNN and AOL websites, although it's reported to be merely checking there's an active internet connection, rather than launching a denial-of-service attack on those sites.

Trend Micro claims the new update also has an "untrigger date" of 3 May, when the worm will shut down.

You can check if your machine is infected with the worm by visiting the Conficker Eye Chart.

Subscribe to PC Pro magazine. We'll give you 3 issues for £1 plus a free gift - click here

From around the web

Be the first to comment this article

You need to Login or Register to comment.

(optional)

Office 365: A complete Guide

advertisement

Most Commented News Stories
More From PC Pro
Latest Blog Posts Subscribe to our RSS Feeds
Latest ReviewsSubscribe to our RSS Feeds
Latest Real World Computing

advertisement

Sponsored Links
 
SEARCH
SIGN UP

Your email:

Your password:

remember me

Create an account

advertisement


Hitwise Top 10 Website 2010
 
 

PCPro-Computing in the Real World Printed from www.pcpro.co.uk

Register to receive our regular email newsletter at http://www.pcpro.co.uk/registration.

The newsletter contains links to our latest PC news, product reviews, features and how-to guides, plus special offers and competitions.