/>
X
Business

Making sense of the latest Conficker update

Several of you have emailed me for information about the latest Conficker update. Consider this post an update to my "no bull" guide to Conficker.

Several of you have emailed me for information about the latest Conficker update. Consider this post an update to my "no bull" guide to Conficker.

Q: So, what's happening?

A: On April 8th a new update was made available to machines infected with Conficker variant C. This new update is called Conficker.E by many antivirus vendors.

Q: How does this update come in?

A: As an .exe file (previous conficker variants were all .dll files) via peer-to-peer (P2P).

Q: What does this new update do?

A: It seems that this update is a scareware package. It consists of a fake antispyware tool called Spyware Guard 2008. This update is a rogue antispyware tool that when triggered will "discover" that the system is infected with malware and ask the user for a payment to remove it. Of course this is all a scam and the system remains infected after the paid-for detox.

Detailed removal instructions for Spyware Guard 2008 can be found here.

This update also reintroduces Conficker's ability to exploit the MS08-067 Windows vulnerability (Conficker.C didn't have this feature).

It's also suspected that Conficker.E will coral PCs and put them to work as part of a spambot network.

Q: Anything else interesting about Conficker.E?

A: Well, it is set to delete itself if the date is May 3, 2009 or later. Gives us an idea as to when the next update could be due.

Q: How widespread is Conficker.E?

A: Well, this this update is being sent to systems running Conficker.C, and it is estimated that this has infected a few million systems, that's a good starting point for how far this might go. Given that this update also leverages MS08-067 then it has the potential to spread even further.

Q: Is it time to panic?

A: Yes!!! ... Nah, of course it isn't. Update your PCs, scan your systems and get on with life.

Q: What should I do if I/a client/a colleague/a friend/a family member is still worried?

A: Send them here for a quick and simple test. If that's not enough, send them to the Sunbelt Software or BDToolssite so they can scan their systems for Conficker.

Don't Panic! :-)

Editorial standards

Related

How much RAM does your Windows 11 PC need?
adobestock-339222220

How much RAM does your Windows 11 PC need?

What is ChatGPT and why does it matter? Here's what you need to know
chat bot

What is ChatGPT and why does it matter? Here's what you need to know

These are my 5 must-have devices for work travel now
ipad-mini-firewalla-purple-macbook-air

These are my 5 must-have devices for work travel now