Trend Micro Discovers New Variant of Conficker WORM_DOWNAD.E
Trend Micro discovered a new file sourced by a known Conficker P2P IP node - a new variant of Conficker now known as WORM_DOWNAD.E, indicating that cybercriminals behind the notorious Conficker worm may finally be gearing up for more serious attacks.
Trend Micro threat researchers had been carefully monitoring for signs of Conficker activity and discovered increasing P2P communications from the Conficker peer nodes, believed to be hosted in Korea. The file, found in the Windows Temp folder, was created on April 7, 2009 at 07:41:21 PM, PDT.
The new variant, WORM_DOWNAD.E, runs using a random file name and random service name; it is known to connect to the following sites: myspace.com, msn.com, ebay.com, cnn.com, and aol.com. This also propagates via MS08-067 to external IPs if the Internet is available; however if no connections are found, it uses local IPs.
It spreads through vulnerabilities in the operating systems.
As always, Internet users are urged to install and update their security software to ensure their PCs are protected from Web threats like this that are fast, stealthy and hard-to-detect.
Many of Trend Micro's products are powered by the Trend Micro(TM) Smart Protection Network, which blocks threats before they can enter a network; correlated in-the-cloud Web, email and file reputation databases allow Trend Micro to quickly analyze and block new threats as they appear. Products for consumers and enterprises include:
For enterprises, Trend Micro OfficeScan Client/Server Edition
The multiple protection layers embedded in Trend Micro OfficeScan are designed to stop this aggressive malware--protecting endpoints against infection and preventing it from spreading to other PCs and servers. The faster protection delivered by the Trend Micro Smart Protection Network is designed to detect the initial infection and propagation attempts of worms like Downad/conficker and blocks them immediately.
For consumers, Trend Micro Internet Security Pro
Trend Micro Internet Security, which is designed to block worms like the Downad/conficker worm, covers all home computers with smart protection against viruses, spyware, and other malicious threats without slowing down computer performance.
Research and collaboration is currently ongoing in Trend Micro threat research labs, as well as within the Conficker Working Group.
Source : techarena
Trend Micro discovered a new file sourced by a known Conficker P2P IP node - a new variant of Conficker now known as WORM_DOWNAD.E, indicating that cybercriminals behind the notorious Conficker worm may finally be gearing up for more serious attacks.
Trend Micro threat researchers had been carefully monitoring for signs of Conficker activity and discovered increasing P2P communications from the Conficker peer nodes, believed to be hosted in Korea. The file, found in the Windows Temp folder, was created on April 7, 2009 at 07:41:21 PM, PDT.
The new variant, WORM_DOWNAD.E, runs using a random file name and random service name; it is known to connect to the following sites: myspace.com, msn.com, ebay.com, cnn.com, and aol.com. This also propagates via MS08-067 to external IPs if the Internet is available; however if no connections are found, it uses local IPs.
It spreads through vulnerabilities in the operating systems.
As always, Internet users are urged to install and update their security software to ensure their PCs are protected from Web threats like this that are fast, stealthy and hard-to-detect.
Many of Trend Micro's products are powered by the Trend Micro(TM) Smart Protection Network, which blocks threats before they can enter a network; correlated in-the-cloud Web, email and file reputation databases allow Trend Micro to quickly analyze and block new threats as they appear. Products for consumers and enterprises include:
For enterprises, Trend Micro OfficeScan Client/Server Edition
The multiple protection layers embedded in Trend Micro OfficeScan are designed to stop this aggressive malware--protecting endpoints against infection and preventing it from spreading to other PCs and servers. The faster protection delivered by the Trend Micro Smart Protection Network is designed to detect the initial infection and propagation attempts of worms like Downad/conficker and blocks them immediately.
For consumers, Trend Micro Internet Security Pro
Trend Micro Internet Security, which is designed to block worms like the Downad/conficker worm, covers all home computers with smart protection against viruses, spyware, and other malicious threats without slowing down computer performance.
Research and collaboration is currently ongoing in Trend Micro threat research labs, as well as within the Conficker Working Group.
Source : techarena
No comments:
Post a Comment