Slashdot Mirror

← Back to Stories (view on slashdot.org)

Conficker Worm Asks For Instructions, Gets Update

Posted by CmdrTaco on from the wormed-its-way-into-my-heart dept.

KingofGnG writes "Conficker/Downup/Downadup/Kido malware, that according to Symantec 'is, to date, one of the most complex worms in the history of malicious code,' has been updated and this time for real. The new variant, dubbed W32.Downadup.C, adds new features to malware code and makes the threat even more dangerous and worrisome than before."

3 of 285 comments (clear)

  1. Re:Dumbasses by Urd.Yggdrasil · · Score: 5, Informative

    Uhh, what? I have no idea what this "JPG exploit" your talking about is. Conflicker spreads through the MS08-067 RPC vulnerability, removable media, and shared folders; nothing to do with IE or jpegs.

  2. Re:why couldn't the instructions come from whiteha by patro · · Score: 5, Informative

    The worm probably uses encyption, so it doesn't just accept any control message from unknown sources.

  3. Re:why couldn't the instructions come from whiteha by Thelasko · · Score: 5, Informative

    why couldn't someone write an update telling conficker to cease operation and uninstall itself?

    Because that would be illegal.

    --
    One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".