×

Warning

JUser: :_load: Unable to load user with ID: 66
Monday, 31 August 2009 10:23

Conficker, back with a vengeance as top worm

By
The infamous Conficker worm first spread its malicious infection across the Internet more than eight years ago and just last month it shot back into prominence, infecting 43 percent of machines in use worldwide in the space of four weeks and, for good measure, it now installs rogue security software on compromised machines.

According to security firm BitDefender’s top 10 e-threats tracker list for August, once again worm-type malware dominated, with Win32.Worm.Downadup – a.k.a. Conficker or Kido – ranking first with 43 percent of the total amount of infected machines.

Conficker restricts access to the websites associated with IT security vendors and now, apparently, the latest variant of the worm can install rogue security software on compromised machines.

BitDefender’s report for August has Win32.Induc.A, a less common piece of malware application built with Borland (now Embarcadero) Delphi versions 4 through 7, in second place on its top-10 e-threats list. According to BitDefender, this virus does not infect binary files, but modifies the SYSCONST.PAS file, injects its malicious code and then compiles the file back.

The security firm says all the applications built with the compromised compiler would then be infected with the virus, and it warns that although Win32.Induc.A has no malicious payload, its abrupt escalation in its top 10 e-threats tracker suggests that, at present, “few Delphi developers are aware of the widespread infection.”

And, a file infector known as Win32.Sality.OG, grabs third spot on the list, with BitDefender reporting that the polymorphic file infector appends its encrypted code to executable files (.exe and .scr binaries), and in order to hide its presence on the infected machine it deploys a rootkit and attempts to kill antivirus applications installed locally.

Meanwhile,  BitDefender says that the increasing presence of the worm Worm.Autorun.VHG – now ranked fourth - reveals that users are still ignoring Microsoft’s security advisories to deploy security patches, with the Internet/network worm exploiting the Windows MS08-067 vulnerability in order to execute itself remotely using a specially crafted RPC (remote procedure call) package, an approach which the security firm says is also used by Conficker.
 
BitDefender also warns of a high-risk infection from its fifth ranked Win32.Virtob.Gen file infector written in assembly language, which it says hides its presence by injecting hooks into other Windows processes, but avoids compromising system files, and opens a backdoor that can be exploited by a remote attacker to seize control over the infected machine.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments