New Conficker B++ Worm Discovered, More Stealth
A new variant of the Conficker/Downadup worm has been detected. The worm opens a backdoor on an infected machine and allows hackers remote control of infected PCs.
Dubbed Conficker B++ (and not to be confused with Conficker B), the new variant of the worm opens a backdoor with auto-update functionality, allowing a hacker to distribute malware to infected machines.
It's difficult to know exactly how long Conficker B++ has been circulating, but researchers first noticed it on February 6 of this year. (Source: pcadvisor.co.uk)
10.5 Million Computers Infected
Machines infected by the Conficker/Downadup worm can be used to send spam, to log keystrokes or to launch denial of service (DoS) attacks, but reports suggest that for the most part, that has not been happening.
The worm spreads by exploiting a dangerous Windows bug to attack computers on a local area network and by USB devices. According to SRI International research, about 10.5 million computers have been infected with variants of Conficker. (Source: pcadvisor.co.uk)
The Technical Analysis
Conficker B++ is no longer limited to re-infection by similarly structured DLL files, but can now be pushed in new self-contained Win32 (executable) applications. These executables can infiltrate the host using methods that are not detected by the latest anti-Conficker security applications. (Source: mtc.sri.com)
Under Conficker B++, two new paths to binary validation and execution have been introduced to Conficker drones, both of which bypass the use of Internet rendezvous points, increasing the flexibility of the direct flash mechanisms which offer the ability to load digitally-signed Win32 executables directly to a Conficker host.
Microsoft Security Bulletin MS08-067 Patches Flaw
The Conficker/Downadup worm has been able to proliferate widely because many PC users have not applied the patch supplied by Microsoft. Security Bulletin MS08-067 from Microsoft patches the Windows flaw. Information that will help you find out if your computer is infected and how to fix it is available from Microsoft. (Source: microsoft.com)
Detailed information on all variants of the Conficker/Downadup worm can be found from SRI International Research.
Visit Bill's Links and More for more great tips, just like this one!
Free guide: Windows 7 -- Free Quick Reference Card. Ask any pro computer user and they'll tell you: having to constantly reach for the mouse not only causes strain on your neck and back - it also slows you down. Imagine being able to control your computer the way it was meant to be - using your keyboard! With this guide, you'll learn to dramatically increase productivity using the best ways to navigate, organize, and manage your Windows PC and its contents. Most importantly: the majority of these shortcuts, tips, and tricks are valid for any PC, netbook, and laptop running Windows XP, Vista, and 7. Use it to brush up on the basics and to find alternate methods to your favorite commands. This printable quick reference guide is yours to use, distribute, and share! Click here to download this guide now! Note: this guide is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.