Microsoft Warns of Copycat Conficker Worm

nk497 writes "Microsoft is warning that malware writers have adapted a four-year-old virus to use features of Conficker to take advantage of Windows flaws. Other similarities between the adapted Neeris worm and Conficker are that it downloads a copy of the worm from the attacking machine using HTTP, spreads via autorun, and uses a driver to patch the TCP/IP layer of the system. It even saw a traffic jump around the first of April, when the Conficker hype peaked. But the Microsoft researchers suggested Conficker may have copied Neeris, or that they're copying each other: 'It is possible that these miscreants somehow collaborate or at least are aware of each other's "products."'"

Of course! They're connected to teh intertubes

[Bearhouse]

"It is possible that these miscreants somehow collaborate or at least are aware of each other's 'products.'"

Well, no shit, Sherlock. Guess they must have Internet connection too, then...

With all the resources at Microsoft's disposal, you'd have thought that they'd have come up with a specific fix. Yes, I'm aware that regularly-patched machines are better protected, but the evidence is clear that many people don't do that; (and not just the pirates, either).

If Ms supplied something that detected/removed/protected against up&down, (free, with no 'Genuine Advantage / Validation' bs), then I'm sure pretty soon all the media would link to that & the sheeple would rush to download & install... How about it, Redmond?

Idiots guide to detecting Conficker

[Shrike82]

While doing a bit of looking around for another post in this thread I found what's basically an idiot's guide to detecting conficker. It uses pictures to show you if you have it.

This tickled my funny bone for some reason; you have to love the lets-use-pictures approach!