Slashdot Mirror

← Back to Stories (view on slashdot.org)

New, Stealthy Conficker B++ Worm Discovered

Posted by CmdrTaco on from the god-i-love-that-name dept.

nandemoari writes "A new variant of the Conficker/Downadup worm has been detected. The worm opens a backdoor on an infected machine and allows hackers remote control of infected PCs. Dubbed Conficker B++ (and not to be confused with Conficker B), the new variant of the worm opens a backdoor with auto-update functionality, allowing a hacker to distribute malware to infected machines. It's difficult to know exactly how long Conficker B++ has been circulating, but researchers first noticed it on February 6 of this year." If this seems familiar to you, it probably is.

5 of 87 comments (clear)

  1. This is just a passing virus by BadAnalogyGuy · · Score: 5, Funny

    No need to worry. I'd be more worried about Conficker C. Lots of opportunities to shoot you in the foot.

    Then someone will undoubtedly create Conficker C++ and everyone will cry about how hard it is to understand and they will all flock to Conficker Java which promises a much cleaner object system.

    But eventually you know that some idiot is going to write Conficker C# which looks suspiciously like Conficker Java, but after a while grows into this gigantic mess of quickfix designs.

    So if you think Conficker B is bad, just wait a while.

  2. Re:profit motive by Anonymous Coward · · Score: 5, Funny

    Sell anti-virus software.

  3. Re:profit motive by Lord+Ender · · Score: 4, Insightful

    Botnets can be profitable, however, someone skilled enough to write the malware necessary for botnet creation could likely be making better money in the private sector with a real job and no jail risk (in the US, at least). Most of the stuff I see comes from Eastern Europe or Asia, where law enforcement is unlikely to prosecute and there aren't decent Software industries hiring people with programming talent.

    So they make money by

    • sending spam
    • click-fraud (scamming web advertisers)
    • stealing CC numbers
    • DDoS extortion (yes, european banks have paid botnet owners' extortion demands to avoid getting DoSd.)
    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
  4. Re:profit motive by Saint+Aardvark · · Score: 5, Interesting

    You laugh, but that situation is just what F-Secure describes for an unrelated bit of Facebook malware. FTFA:

    As we pointed out in yesterday's post, the timing of the Facebook "Error Check System" application and the subsequent Google search results pointing to rogue antivirus sites was almost too perfect to be a coincidence. It's entirely possible that the whole situation was designed to promote XP Antivirus variants such as "Antivirus 360" and "XP Police" (Rogue:W32/XPAntivirus). That's the formula, create something that spawns a search, then be ready to provide results that redirect to malicious sites. Either that or the bad guys are very quick on their feet and are ruthlessly opportunistic.... They're both.

    --
    Carousel is a lie!
  5. How to detect Conficker C# by Dystopian+Rebel · · Score: 4, Funny

    The only way to detect Conficker C# is that it requires the .NET runtime environment and MS SQL Server Express.

    --
    Rich And Stupid is not so bad as Working For Rich And Stupid.