
Conficker woke up

On Wednesday, the Conficker worm (Kido) finally showed signs of life: it was updated via the P2P network of infected machines and also installed new software on them, whose functionality is not yet clear, according to antivirus company Trend Micro.

Experts are now analyzing the source code of the new program and trying to determine what it does. There is a suspicion that it is a keylogger that records all keystrokes.

The new program is a .sys component, and it is securely encrypted, which makes it difficult to analyze the source code.
The worm attempts to connect to MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com to check for an Internet connection. It is set to remove all traces of its existence and completely stop self-replication on May 3, 2009. However, the network of infected PCs will remain open for management even after this date.
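The connectivity check described above can be used as a triage signal in DNS logs: one client resolving all five domains within a short window. This is an added example, not part of the original article; the log format, the 60-second window and the sample log lines are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Domains the article says the worm contacts to test for Internet access.
CHECK_DOMAINS = {"myspace.com", "msn.com", "ebay.com", "cnn.com", "aol.com"}
WINDOW = timedelta(seconds=60)  # assumption: tune to your environment

# Constructed sample log, one query per line: "ISO-timestamp client-ip name"
SAMPLE_LOG = """\
2009-04-08T10:00:01 10.0.0.5 www.myspace.com
2009-04-08T10:00:02 10.0.0.5 msn.com
2009-04-08T10:00:02 10.0.0.9 www.cnn.com
2009-04-08T10:00:03 10.0.0.5 www.ebay.com
2009-04-08T10:00:04 10.0.0.5 cnn.com
2009-04-08T10:00:05 10.0.0.5 www.aol.com
2009-04-08T10:07:00 10.0.0.9 www.ebay.com
2009-04-08T11:30:00 10.0.0.9 msn.com
2009-04-08T12:10:00 10.0.0.9 aol.com
2009-04-08T13:45:00 10.0.0.9 myspace.com
"""

def base_domain(name):
    """Map a queried name to one of the check domains, or None."""
    name = name.lower().rstrip(".")
    for d in CHECK_DOMAINS:
        if name == d or name.endswith("." + d):
            return d
    return None

def suspicious_clients(log_text, window=WINDOW):
    """Return clients that queried all five check domains within `window`."""
    events = defaultdict(list)  # client -> [(time, domain)]
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts, client, name = parts
        dom = base_domain(name)
        if dom:
            events[client].append((datetime.fromisoformat(ts), dom))
    flagged = set()
    for client, hits in events.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            # Distinct check domains seen in the window opening at this query.
            seen = {d for t, d in hits[i:] if t - start <= window}
            if seen == CHECK_DOMAINS:
                flagged.add(client)
                break
    return sorted(flagged)
```

All five sites are popular in their own right, so a flagged client is a lead for further inspection rather than proof of infection.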

The worm spreads through a hole in Windows, the patch for which was released in October, as well as through flash drives. It blocks access to more than 100 sites of antivirus companies. Check your computer for infection here and here. You can remove Conficker from your computer using this utility.

via Cnet News

Source: https://habr.com/ru/post/56918/

