In the beginning, Conficker spread via USB drives: it installed itself when a user used a USB drive that had been infected by Conficker. Now Conficker has woken up and is updating itself via peer-to-peer connections between infected computers and dropping a mystery payload on them, according to ZDNet news.
Researchers are analyzing the code of the software that is being dropped onto infected computers and suspect that it is a keystroke logger or some other program designed to steal data from the machine. The software appeared to be a .sys component hiding behind a rootkit, which is software that is designed to hide the fact that a computer has been compromised. The hidden rootkit can be detected by Wenpoint HiddenFinder.
According to a post on the TrendLabs Malware blog, the awakened worm tries to connect to MySpace.com, MSN.com, eBay.com, CNN.com and AOL.com as a way to test that the computer has Internet connectivity. It then deletes all traces of itself on the host machine, and is scheduled to shut down on May 3.
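The connectivity test described above can be turned into a DNS-log triage check. The following is an added example, not code from this post or from TrendLabs: it flags clients that look up all five listed sites in one short burst. The log format, the 30-second window and the sample lines are assumptions constructed for illustration, and because these are popular sites a hit is a lead to investigate, not proof of infection.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Domains the post lists as the worm's connectivity test.
CHECK_DOMAINS = {"myspace.com", "msn.com", "ebay.com", "cnn.com", "aol.com"}

# Constructed sample log (assumed format): "<ISO timestamp> <client IP> <queried name>".
SAMPLE_LOG = """\
2009-04-09T10:00:01 10.0.0.5 www.myspace.com
2009-04-09T10:00:02 10.0.0.5 msn.com
2009-04-09T10:00:02 10.0.0.5 www.ebay.com
2009-04-09T10:00:03 10.0.0.5 cnn.com
2009-04-09T10:00:04 10.0.0.5 aol.com
2009-04-09T09:00:00 10.0.0.7 www.cnn.com
2009-04-09T11:30:00 10.0.0.7 ebay.com
2009-04-09T13:00:00 10.0.0.7 msn.com
2009-04-09T15:00:00 10.0.0.7 myspace.com
2009-04-09T17:00:00 10.0.0.7 aol.com
2009-04-09T10:00:05 10.0.0.9 example.org
this line is malformed and is skipped
"""

def base_domain(name):
    """Map a queried name to a listed domain (exact or subdomain match), else None."""
    name = name.lower().rstrip(".")
    return next((d for d in CHECK_DOMAINS if name == d or name.endswith("." + d)), None)

def hosts_probing_all(log_text, window=timedelta(seconds=30)):
    """Return sorted client IPs that queried every listed domain within `window`."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        try:
            stamp, client, name = line.split()
            ts = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # wrong field count or unparsable timestamp
        dom = base_domain(name)
        if dom:
            events[client].append((ts, dom))
    flagged = []
    for client, seen in events.items():
        seen.sort()
        last = {}  # most recent time each listed domain was queried
        for ts, dom in seen:
            last[dom] = ts
            # All five seen, and the oldest "latest sighting" is inside the window.
            if len(last) == len(CHECK_DOMAINS) and ts - min(last.values()) <= window:
                flagged.append(client)
                break
    return sorted(flagged)
```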
Tags: antispyware, malware
April 14, 2009 at 2:57 am
sounds so scary!