A new variant of conficker/downadup is being seen which according to anti-malware testers is even more of a git than the previous incarnations. The updates routines have been altered to remove the need for hard coded domains to be present and the malware can be updated via a push process. The worm's persistence has already been very hard to combat but after this version gets around the new battle of wits will begin. The botnet creating malware will have several ways of updating itself and will not be tied to a known list of domains - the reason the mutation has been forced onto the writers.
It doesn't look good
:(
Farkin Computers
In the pub
Connections
Blog Archive
-
▼
2009
(39)
-
▼
February
(24)
- Social Networking meets Rogue Antvirus
- Adobe patch flash player - due to exploited vuln
- Excel 0-Day in the wild :(
- Adobe Reader Unofficial Patch
- Conficker variant updates abilities
- Facebook terms and conditions saga unspins - for now
- Adobe Reader critical vulnerability
- SocialNetworkingSites.bad health = 'TRUE'
- Vista SP2 RC1 released to select few
- Facebook - your content is ours, muuuuhaahahaahaa!!!
- Ahar Jim Lad - TPB charges tossed overboard
- Apple patches Swiss Cheese OSX again
- MS puts up Bounty for conficker writer(s)
- Internet Explorer holes - hardly newsworthy it hap...
- Evesham PC - R.I.P
- Windows 7 Beta not Public anymore
- Valentines day = a hundred new malwares as usual
- Windows XP to Windows 7 - via wipe/reload/restore ...
- Kaspersky - makers of Anti-Hacker .....erm hacked
- iTunes DRM death - almost the last rites
- Software Updates
- In Depth Malware
- Vista Black Screen of Death
- Conficker Worm
-
▼
February
(24)