Conficker Worm finally stirs

[forrestcupp]

Conficker worm finally stirs

The (bad) April Fool's scare caused by the widely spread Conficker variety of malware has been followed by a spring to life by the Conficker worm, according to security firm Trend Micro. The firm has tracked Conficker updates to infected machines over the past few days, hinting that the authors are trying to cash in on their global botnet. Rather than instruct the worm to cause global chaos, it has started downloading fake anti-virus tools to nag users about phony infections and scam them into buying the "product".

This is why I said that it was counterproductive to imply that the threat had passed after April 1st.

 

[KSoD]

Yeah and at the same time it is the same type of article.

The firm has tracked Conficker updates to infected machines over the past few days, hinting that the authors are trying to cash in on their global botnet.

No where is there any proof that this will even be activated. There was a scare back before the 1st and now again just because a few updates were sent out doesnt mean it is going to go active.

So while the other article was counter-productive saying that it was a dud, this is counter-productive trying to say that it is going to happen.

There is no proof either way. The updates could simply be to bypass the detectors that have been made. There is nothing saying that the worm will go active at all.

This is Trend Micro trying to make a claim of something just because of a update. There is no way to say that it is a dud or that it will become active. any news article that makes the claim either way is going to be counter-productive cause they dont know. The only people that do know are the developers.

 

[forrestcupp]

I wouldn't say it's counterproductive. It's better to be safe than sorry.

The key is to be safe, but not live in fear.


Edit:
Here's a better article that gives more info about what's going on with Conficker.

 

[KSoD]

Yes i agree. the key is to be safe and not live in fear. But at the same time just 10 days after the scare they put out another article about it to get people scared again and back to this state of fear.

Over what? A few updates? How do we know what those updates are? How do we know if or when the conficker will go active?

I mean it even says in the article that it will search for systems that have not applied the patch that has been out since Oct. At this point, these people deserve it. 7 months and they cant apply 1 patch? Honestly those people dont care enough even after the scare from April 1st they deserve what they get at this point in time.

To me this is just the same as the Dud article cause it doesnt present us with anything new. It tells us a update was sent out but no word on a way to scan for it or anything. So what has it done?

Thrown people into a state of fear again, rushing to find a solution and a way to check their system. All along they have been protected if they applied that patch.

So really looking at it like that how is it not? All this is doing is bringing the fear back without offering anything in regards to a solution that was any different than what we had 10 days ago.

 

[Osiris]

http://www.techist.com/forums/f51/conficker-botnet-stirs-distribute-update-payload-204708/

I forgot to add in my original post, Money $$$

This still IMO is nothing to worry about. All it's doing is exploiting unpatched systems, the same way most all do. It may as well be the most tricky to get rid of, but thats because its a new form of malware.