All the latest UK technology news, reviews and analysis

Conficker worm gets an upgrade

by Iain Thomson

More from this author

26 Feb 2009

Comments: 2

  • Tweet this
Virus
Conficker has been redesigned to get around attempts to shut it down

The Conficker worm, which infected millions of PCs last month, has received an upgrade which makes it much more effective.

The new variant, dubbed Conficker B++, has been redesigned to get around attempts to shut it down.

Further reading

Previous versions checked for software updates from a list of 250 randomly generated URLs. But security companies managed to reverse engineer the algorithm that generated the URLs and design a way to block the software from updating. The new variant now uses a new set of backdoors to update itself.

"We have discovered that the new variant no longer patches netapi32.dll against all attempts to exploit it. Instead it now checks for a specific pattern in the incoming shellcode and for a URL to an updated payload," said Microsoft in an advisory.

"The payload only executes if it is successfully validated by the malware. However, there does not appear to be an easy way for the authors to upgrade the existing Conficker network to the new variant."

The author of the Conficker worm is still at large, despite a $250,000 (£175,000) bounty offered by Microsoft for information on his identity.

Do you agree?

Add your comment

Identity

"bounty offered by Microsoft for information on his identity" It's amazing how they know that the offender is male, but do not know his identity :-)

Posted by: Woz 26 Feb 2009

Fair point

I took the balance of probabilities - I've only heard of two female malware writers.

Posted by: Iain Thomson 26 Feb 2009

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

german flag

Germany backs away from ACTA

Related white papers

Related articles

Related jobs

Today's top stories

heartvalentinesday

Top 10 Valentine's Day technology matches made in heaven

Microsoft Windows 8 start screen

Microsoft talks up Windows 8 for ARM hardware

Security enhancements will be added with the Chrome 17 update

Chrome for Android hands on review

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Oracle Appplications Support - HR and Payroll

Position:Oracle Applications eBusiness Suite Suport...

Developer

Software Developer A leading UK Software Application...

Senior Drupal Developer - PERM - £55K - URGENT

I am looking for a permanent senior Drupal Developer...

Retail Consultant - Data Transformation and Migration

Retail Consultant - Data Transformation and Migration...

To send to more than one email address, simply separate each address with a comma.