New Conficker Worm Seen To Infect, Control Millions Of PCs On April 1
ShareThis
March 27, 2009 12:49 a.m. EST
Windsor Genova - AHN News Writer
New York, NY (AHN) - A new version of the Conficker worm that targets PCs running on Windows operating system is set to activate on April 1 and potentially control millions of infected machines, according to computer security experts.
Authors of the Conficker may use the zombie computers for spamming or other nefarious purposes, said the experts who studied the code of the latest version of the worm. Worse, the botnet masters may steal data from infected computers and sell them, Stefan Savage, a computer scientist at the University of California at San Diego, told the New York Times.
Unlike the first variant of the worm also known as Kido or Downadup that emerged in November and Conficker B detected in February and spread also via removable storage devices, the latest version that surfaced earlier this month disables security services, prevents PCs from connecting to security Web sites and downloads a Trojan or harmful program. The worm uses peer-to-peer networking to connect to other infected computers.
Conficker C can generate up to 50,000 domains, 500 of which will be contacted in random per day to receive updated copies of the worm or other malware or instructions. The daily number of PCs to be contacted is double that of previous Confickers to make it harder for security researchers to block it by preregistering targeted domains. Conficker C also uses strong encryption codes to make it difficult for security researchers to pinpoint the domain name that will be contacted on April 1.
"What they're trying to do is make our lives miserable on any efforts to mitigate the threat," Paul Ferguson, an advanced-threats researcher for Trend Micro, according to CNET News. "They are using tactics that are probably the most complex and sophisticated botnet tactics we've seen to date."
Windows maker Microsoft Corp. has partnered with all the major security companies and domain registrars and registries to stop Conficker C. |
