• AXIOM IT Solutions, Inc.
  • AXIOM IT Solutions, Inc.
  • AXIOM IT Solutions, Inc.
  • AXIOM IT Solutions, Inc.

Making sense of the latest Conficker - ZDNet.com 4/10/2009

From: http://blogs.zdnet.com/hardware/?p=4131

Adrian Kingsley-Hughes

April 10th, 2009

 

 

Several of you have emailed me for information about the latest Conficker update. Consider this post an update to my “no bull” guide to Conficker.

Q: So, what’s happening?

A: On April 8th a new update was made available to machines infected with Conficker variant C. This new update is called Conficker.E by many antivirus vendors.

Q: How does this update come in?

A: As an .exe file (previous conficker variants were all .dll files) via peer-to-peer (P2P).

Q: What does this new update do?

A: It seems that this update is a scareware package. It consists of a fake antispyware tool called Spyware Guard 2008. This update is a rogue antispyware tool that when triggered will “discover” that the system is infected with malware and ask the user for a payment to remove it. Of course this is all a scam and the system remains infected after the paid-for detox.

Detailed removal instructions for Spyware Guard 2008 can be found here.

This update also reintroduces Conficker’s ability to exploit the MS08-067 Windows vulnerability (Conficker.C didn’t have this feature).

It’s also suspected that Conficker.E will coral PCs and put them to work as part of a spambot network.

Q: Anything else interesting about Conficker.E?

A: Well, it is set to delete itself if the date is May 3, 2009 or later. Gives us an idea as to when the next update could be due.

Q: How widespread is Conficker.E?

A: Well, this this update is being sent to systems running Conficker.C, and it is estimated that this has infected a few million systems, that’s a good starting point for how far this might go. Given that this update also leverages MS08-067 then it has the potential to spread evenfurther.

Q: Is it time to panic?

A: Yes!!! … Nah, of course it isn’t. Update your PCs, scan your systems and get on with life.

Q: What should I do if I/a client/a colleague/a friend/a family member is still worried?

A: Send them here for a quick and simple test. If that’s not enough, send them to the Sunbelt Software or BDTools site so they can scan their systems for Conficker.

Don’t Panic! :-)

Adrian is a technology journalist and author who has devoted over a decade to helping users get the most from technology. He also runs a popular blog called The PC Doctor. See his full profile and disclosure of his industry affiliations

 

August, 2011

Montana Tourism Data Available To General Public

Read More and Visit the Website
 
March, 2010

AXIOM receives the Sustainable Business Council's Achiever Level assessment for significant integration of environmental and social sustainability practices
Read more text
 
September, 2009

AXIOM is on the Project Management Office Committee for the State of Montana

Read more text