Last night the dreaded Conficker worm finally got the update we've been waiting for since April 1. But cyber Armageddon will have to wait another day. The botnet, as predicted here, is now dedicated to spam.
(If you think that's going to keep us from running our awesome Conficker War Room banner, you're nuts.)
Further disappointing doomsayers, the new download -- which seems to have been first spotted by Trend Micro -- took place through Conficker's longstanding peer-to-peer functionality, rather than the DNS lookups that gave us that delicious April 1 ticking clock. Kaspersky Labs' analysis of the new payload concludes this morning that Conficker is now serving victims a fake anti-virus product that offers to remove malware for $49.95.
The worm also downloaded an existing e-mail worm called Waledac, which steals passwords and sends spam. Both worms "are now present on infected machines as part of the gigantic botnet designed to conduct spam mailings," Kaspersky writes.
The last thing the internet needs is more spam. But you have to give Conficker credit for not believing its own press. And I'm personally grateful that it brought to mind a moment from the original Die Hard film.
"You want money? What kind of terrorists are you?"
(Laughing) "Who said we were terrorists?"
See Also:
