• Home
• About
• RSS
• Get in touch

The Worm Turns?

A new sample of Conficker (Downadup) has been found on one of our honeypot machines. (These are part of our Global Intelligence Network – which operates in 200 countries, gathering details and statistics on malware.) The new sample has reintroduced one of the exploit vectors (MS08-067) and also appears to be connected to another piece of malware (W32.Waledac) a very active spambot.

W32.Waledac steals sensitive information, turns computers into spam zombies, and establishes a back door remote access. Symantec products already provide antivirus and IPS protection for Waledac.

Perhaps most interestingly, there is also a ‘kill’ component – whereby it looks like the worm will remove itself from infected hosts on May 3rd 2009. Does this mean that there will be a new variant by then, or will its true purpose have been revealed by then?

comments

• Connect with us



• Get Email Updates

• Recently Posts

  • Common Criteria EAL +3 Security Certification – What’s all the fuss about?
  • Cyber crime: a real risk to global stability
  • Let’s get back to basics in 2012
  • The challenges of securing industrial control systems
  • The Power of Collaboration Against Cybercrime
  • A View from the London Conference on CyberSpace
  • Safety first when going virtual
  • #smbrisk – a great debate
  • Tainted love….remembering the love bug of 2000
  • Get social, not paranoid

• Pages

  • announcements
  • Application
  • Availability
  • backup
  • botnet
  • Cloud computing
  • Complexity
  • Compliance
  • Consumerization
  • cyber-crime
  • data centre
  • data-loss
  • Denial of service
  • disaster recovery
  • Education
  • Green IT
  • impersonation
  • Information Policy
  • Insider
  • IT equipment
  • Miscellaneous
  • misleading applications
  • Patching
  • Phishing
  • Regulation
  • Reputation
  • SaaS
  • security
  • small business
  • Social Media
  • Spam
  • Speaking
  • Storage
  • trojan
  • Uncategorized
  • Virtualization
  • Virus

• Blogroll

  • Ask Marian Consumer Security Blog
  • Bruce Schneier’s Blog
  • Con Mallon’s Symantec Consumer Blog
  • Gareth’s BE Blog
  • Get Safe Online (The Blog)
  • Gizmodo Gadget Blog
  • Jonathan Schwartz’s Blog
  • Phil Windley’s Technometria
  • Security Bloggers Network
  • Symantec French contributor - A blog from the French pen of Laurent Heslault
  • Symantec Guide to Scary Internet Stuff – Botnets
  • Symantec Guide to Scary Internet Stuff – Drive-by downloads - Video explaining the latest security threats in simple terms, on drive-by downloads
  • Symantec Guide to Scary Internet Stuff – No 5 Rogue AV
  • Symantec Guide to Scary Internet Stuff – No 6 Denial of Service Attacks
  • Symantec Guide to Scary Internet Stuff – No7 Pests on your PC
  • Symantec Guide to Scary Internet Stuff – No8 Losing your Data
  • Symantec Guide to Scary Internet Stuff – Phishing
  • Symantec Guide to Scary Internet Stuff – Underground Economy
  • Symantec podcast channel - A channel of podcasts on current security and availability topics from the experts at Symantec
  • Toby Stevens’ Data Trust Blog