Conficker Goes Active April 9, 2009Posted by baldricman in News, Tech.
Tags: conficker, malware, virus, worm
Last week Deems posted about the Conficker worm that was set to strike on April 1st. Researchers, at the time, reminded us that the virus probably wouldn’t “go active”, at least not overtly, but would be more likely to wait it out a little longer till all the hype died down.
And so yesterday, at just over a week after its “wake-up”, Conficker started making some rustling noises in the bush. From an article at JCXP:
Researchers at Trend Micro have been tracking the worm since its discovery, and found that yesterday, the worm had awakened, and was dumping mysterious payloads on to victim’s computers. The payloads, suspected to be keyloggers of some sort, comes in the form of a .sys file, hidden behind a complex rootkit. Due to heavy encryption, researchers are having a difficult time analyzing the code of the program.
If your anti-virus and anti-spyware tools didn’t block it or cannot remove it (because the worm attempts to disable these tools), see the manual-removal instructions here.