NVDi Support News & Alerts » Waledac http://news.nvdi.net   Support information and alerts for NVDi customers and friends Sun, 04 Apr 2010 20:54:40 +0000 en hourly 1 http://wordpress.org/?v=3.1.3 Conficker starts serving up malware http://news.nvdi.net/2009/04/conficker-starts-serving-up-malware/ http://news.nvdi.net/2009/04/conficker-starts-serving-up-malware/#comments Fri, 10 Apr 2009 02:36:34 +0000 wkwalker http://news.nvdi.net/?p=76 As mentioned in the previous post, Conficker is stirring. After applying some code updates, it has started serving up malware. It’s typical of botnets like Conficker to be rented out in sections to various groups of dirtbags, so not all Conficker victims are getting identical infestations.

Some systems are being infected with a fake antivirus application called “Spyware Protect 2009.” Once launched, it buries you in a blizzard of pop-ups claiming you are infected with any number of malware programs and offering to remove them for $49.95. (Looks like the price has gone up. The standard scareware demand used to be $39.95.)

Other Conficker nodes are being infected with “Waledac,” which establishes a back door for sending spam. Waledac also acts as a password-stealing Trojan, so victims face a privacy threat, as well.

Further reading . . .

PC World has a good overall write-up and Kaspersky’s analysis provides additional detail, especially about Spyware Protect 2009.

]]> http://news.nvdi.net/2009/04/conficker-starts-serving-up-malware/feed/ 0