Third Conficker Worm Wields: Most Resilient Yet

by Bill Lindner on 20090311 @ 10:32PM EST | google it | send to friends
Filed under Security | (related terms: infected, antivirus, variant, symantec, conficker/downadup worm)

The frightening Conficker worm is just getting bigger and meaner all the time. W32.Downadup.C, a third variant of the Conficker/Downadup worm, is reportedly being pushed out to systems that are already infected.

Analysis of the third variant of the worm by Symantec is still in the early stages, but their initial research found a couple of new attributes -- one of which includes targeting antivirus software and security tools with the intention of disabling them. (Source: symantec.com)

New Variant Protects itself from AntiVirus Software

The Conficker/Downadup authors moved from a 250-a-day domain-generation algorithm to a new 50,000-a-day domain-generation algorithm in response to the security industry's success in cracking the W32.Downadup.B domain-generation algorithm. (Source: symantec.com)

Symantec is not seeing an increase in customer infections for this threat but they are keeping a close eye on it.

Earlier versions of the conficker/downadup worm attempted to disable antivirus software but the newest variant is designed to provide more protective actions to infected PCs so it can better defend itself from antivirus software and other methods of remediation.

A Modular Component For Currently Infected PCs

Vincent Weafer, Vice president of Symantec Security Response, says that W32.Downadup.C is a more aggressive modular component for machines currently infected with the Conficker/Downadup worm. The new version does not attempt to self-replicate and appears to behave more like a Trojan than a worm, noting that it's more robust in defending itself. (Source: pcworld.com)

A list of processes found on infected machines that contain an antivirus program or security analysis tool that are killed can be found at Symantec's forum. (Source: symantec.com)

Visit Bill's Links and More for more great tips, just like this one!

Stay Informed: Subscribe Free to Infopackets, Today! Get your daily fix of Microsoft Windows news, reviews, tech tips, plus free software (freeware) goodies daily -- all absolutely free -- delivered straight to your email inbox! Bonus: join our website today and you'll also receive our highly coveted Top 10 Tech Reports, including: Top 10 PC Security Essentials, Windows Optimization Secrets, Top Freeware Antivirus, MS Office alternatives and more. Don't delay: subscribe today! Click here for more info.

Infopackets Game of the Week

Secrets of the Dark: Eclipse Mountain Collector's Edition

Click here to read more.

Most Clicked Stories
(In the Past 15 Days)

Freebies

Subscription Center

Recommended Sites

DownloadMix.com: More Freeware + Shareware

About

Established in 2001 and read by over 250,000 users world-wide, infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free! Join our discussion list, today!