Trend Micro Discovers New Variant of Conficker: WORM_DOWNAD.E

April 9, 2009 · Filed Under Security Software, Software News

Criminals behind the Conficker worm are finally showing signs of activity that may indicate something larger is brewing.

Trend Micro discovered a new file sourced by a known Conficker P2P IP node – a new variant of Conficker now known as WORM_DOWNAD.E, indicating that cybercriminals behind the notorious Conficker worm may finally be gearing up for more serious attacks.

Trend Micro threat researchers had been carefully monitoring for signs of Conficker activity and discovered increasing P2P communications from the Conficker peer nodes, believed to be hosted in Korea. The file, found in the Windows Temp folder, was created on April 7, 2009 at 07:41:21 PM, PDT.

The new variant, WORM_DOWNAD.E, runs using a random file name and random service name; it is known to connect to the following sites: myspace.com, msn.com, ebay.com, cnn.com, and aol.com. It also propagates via MS08-067 to external IP addresses when an Internet connection is available; if no connection is found, it targets local IP addresses instead.

It spreads through vulnerabilities in the operating system.

As always, Internet users are urged to install and update their security software to ensure their PCs are protected from Web threats like this that are fast, stealthy and hard to detect.

Many of Trend Micro’s products are powered by the Trend Micro(TM) Smart Protection Network, which blocks threats before they can enter a network; correlated in-the-cloud Web, email and file reputation databases allow Trend Micro to quickly analyze and block new threats as they appear. Products for consumers and enterprises include:

For enterprises, Trend Micro OfficeScan Client/Server Edition

The multiple protection layers embedded in Trend Micro(TM) OfficeScan(TM) are designed to stop this aggressive malware, protecting endpoints against infection and preventing it from spreading to other PCs and servers. The faster protection delivered by the Trend Micro(TM) Smart Protection Network is designed to detect the initial infection and propagation attempts of worms like Downad/conficker and block them immediately.

For consumers, Trend Micro(TM) Internet Security Pro

Trend Micro Internet Security, which is designed to block worms like the Downad/conficker worm, covers all home computers with smart protection against viruses, spyware, and other malicious threats without slowing down computer performance.

Research and collaboration are currently ongoing in Trend Micro threat research labs, as well as within the Conficker Working Group. Updates can be found on the Trend Micro malware blog: http://blog.trendmicro.com/.

Source: Trend Micro Incorporated

PandaLabs Predictions of Conficker’s Minimal Impact on April Fools Day Ring True

April 2, 2009 · Filed Under Downloads, Internet Software, Security Software, Software News

The Much-Feared Re-activation of Conficker on April 1st Goes Off Without a Bang

PandaLabs, Panda Security’s malware detection and analysis laboratory, predicted in a recent blog post that the malicious Conficker worm would not cause major upheaval on April 1st and advised consumers not to “get taken in by the Conficker panic”. As predicted by PandaLabs, the much-feared reactivation of the Conficker virus, forecast for midnight on April 1, has yet to cause massive infections.

According to Luis Corrons, Technical Director of PandaLabs, “The ultimate aim of the virus is to obtain money. With the alarm generated by the media attention, security vendors have been working to avoid a potentially widespread epidemic. Evidently though, if someone is going to steal money, they are not interested in being headline news. That’s why we believe that its creator is trying to find a new zero-day vulnerability to exploit in order to spread the infection. But it will happen at a moment when our guard is down, not when everyone is on the alert.”

At midnight on April 1, Conficker started to generate 50,000 new URLs from which, supposedly, the malware would be able to update itself to a new version, starting a massive series of infections. However, until now, no new versions or additional infections have been detected other than those already associated with the previously active variants.

“It is still possible that at any moment one of these URLs could be activated and the worm could download an update to its code or new malware. In any event, this would only affect users who are unprotected against Conficker, although there are still many of them,” says Corrons.

Although there has been much speculation as to why the creators are trying to draw attention to Conficker, Corrons adds, “The reality of today’s malware is that it is created with a financial motive. At PandaLabs we believe that the cyber-criminals behind this worm are still aiming to infect as many unprotected computers as possible. This way, with a critical mass of infected computers, they can then start to profit by renting out the network for sending spam, downloading Trojans to steal data and other fraudulent activities.”

Ironically, one of the main dangers associated with Conficker, as described on the PandaLabs blog, is not the worm itself, but the fact that cyber-crooks are exploiting the notoriety of this malware to distribute other malicious code from domains ranked highly in Internet searches for the word ‘Conficker.’

To avoid falling victim to Conficker and other malicious code, PandaLabs advises:

  • Having an up-to-date anti-malware solution installed
  • Installing the patch that fixes the vulnerability exploited by Conficker
  • Having a solution to prevent malicious code spreading through USB devices (pen drives, MP3 players, etc.). With this in mind, Panda has developed the free Panda USB Vaccine, which can be downloaded from here
  • Not opening emails from unknown sources and never clicking links or running files attached to such emails

Source: Panda Security

Conficker – April Fool or April Fright?

March 31, 2009 · Filed Under Security Software, Software News

Wurldtech Reduces the Potential for Damage to Critical Industrial Infrastructure

Zero Day for the Conficker worm is April 1, and while everyone hopes it will be only a bad April Fools joke, the potential for damage to the infrastructure of the world’s business community is not a joking matter.

Vancouver-based Wurldtech(TM) Security Technologies, a leading global provider of cyber-risk solutions to critical industrial sectors such as energy, nuclear, power, transportation, chemical and water, will announce in advance of the Conficker Zero Day event a major alliance with global energy companies that is aimed at reducing the potential for damage from cyber threats like Conficker. The announcement detailing this partnership will be distributed Tuesday, March 31, 2009.

“We’ve been getting anxious calls from industrial plant managers asking what to do about Conficker,” says Wurldtech President and CEO Tyler Williams, “and we’ve told them that they shouldn’t have a problem if they’ve been following a program of upgrades, patches and good security practices all along. The problem,” he continues, “is when they tell us they haven’t been doing that.”

As people worry about the security of their home PCs or business networks, the systems and networks that manage and control the everyday services we rely on, such as subways, traffic lights, electric power and even water, are just as vulnerable, and in fact often more so. Protecting these systems is fundamentally a matter of determining how much security is needed to protect the integrity of operations, Williams says; whether it is the control system of a nuclear power plant or an oil refinery, the result of a cyber threat is the same: systems down. Unfortunately, the impacts can be catastrophic.

“Regardless of the outcome,” says Wurldtech’s Williams, “the Conficker worm event again points to the necessity to be vigilant, and to develop dynamic security solutions that protect our world’s infrastructure from cyber attack.”

For more information on Wurldtech Security Technologies, please visit: www.wurldtech.com

The Laptop Guy Recommends a Good Offense in Advance of the Pending April Fool’s Day Computer Worm

March 27, 2009 · Filed Under Security Software, Software News

The best security experts in the country are aggressively working to stop the pending release of a worm called Conficker C (Conficker) and prevent damage to millions of computers. The predicted April Fool’s Day release of Conficker is anything but a joke and has prompted Microsoft to post a $250,000 bounty for the malicious program’s author. While security experts devote their energies to stopping the release, Todd Feit, Founder and CEO of The Laptop Guy, a Columbus, Ohio-based laptop company, is suggesting three proactive steps that computer users can perform to mitigate the spread of the worm and prevent the loss of data.

The first step is to take measures to save valuable data. “What happens on April 1st is uncertain, but we recommend not taking any chances when it comes to the pictures, music, and data stored on your computer,” explains Todd Feit. Experts believe that the Conficker program can delete data files. “We are aggressively recommending that individuals back up all of their data in advance of April 1st. We realize that this is sometimes easier said than done for users that have large amounts of data, but we believe it is the single most important thing you can do in advance of this predicted outbreak,” suggests Mr. Feit.

The second recommended step in damage control for the Conficker worm is to check and see if you have already been infected. It is believed the program may have already set up residence in up to 10 million personal computers and is lying in wait for the April 1st activation. The Laptop Guy suggests that computer users check to see if they are current on all Windows Updates including the March update. “Conficker has the ability to disable automatic updates and if a system has stopped performing automatic Windows updates, it could already be infected,” explains Mr. Feit. “It may already be too late, however, we still recommend customers update their system and back up their important files.”

The final step is to confirm that your system’s anti-virus software is up to date and is performing automatic updates. “Unfortunately, if a consumer has not been utilizing anti-virus software or keeping up to date, they are at increased risk for Conficker,” according to Feit. “If a user has been exposed due to lapses in anti-virus or Windows Security, unfortunately the only recommendation seems to be to perform the updates, back up your important files and hope for the best.”

Regardless of whether or not the April Fool’s Day release of Conficker becomes a reality, the above steps will improve the security of a user’s computer. Todd Feit states, “Whether it’s Conficker or any virus that is out there or on the horizon, a computer user’s best defense is a great offense!” For more information and instruction on how to implement the above recommendations, consumers should visit www.LaptopGuy.com.

The Laptop Guy

It began nine years ago with a guy and his dog fixing laptops at a rented counter of a toy store. Today, The Laptop Guy retails, repairs and recycles thousands of laptops from all over the country. The organization may have grown, but its philosophies and values remain the same. To learn more about The Laptop Guy, visit www.LaptopGuy.com

Conficker Worm Free Removal Tool Has Been Released by the Enigma Software Group

March 11, 2009 · Filed Under Downloads, Internet Software, Security Software, Software News

Enigma Software Group USA, LLC. (“Enigma Software Group” or “Enigma”) announced today that it has released a free removal tool that will eliminate the Conficker worm from infected computers. Enigma Software Group has made this tool available at http://www.enigmasoftware.com/. The tool is free of charge for anyone who does not have adequate protection tools.

The Conficker worm, first discovered in November 2008, has already infected about 12 million computer systems. The initial variant of the worm, Conficker.A, exploits a Microsoft Windows vulnerability (MS08-067) to spread itself to vulnerable computers. The exploit allows remote code execution when file sharing is in use and affects the following operating systems: Windows XP, Windows Vista, Windows Server 2003 and Windows Server 2008.

The second variant of the threat, Conficker.B, also has the ability to spread via network shares, as well as removable drives (USB devices and other portable storage). Conficker.B attempts to infiltrate weakly protected systems by trying a number of common passwords. When spreading via USB memory sticks, Conficker.B infects the autorun.inf file.

When executed on a computer, both variants of Conficker disable a number of system services, including Windows Automatic Update, Windows Security Center, Windows Defender and Windows Error Reporting. This malware also blocks infected systems from downloading new security software or receiving updates for current security software. Upon execution, Conficker connects to a server where it receives further instructions to propagate and gather personal information. Conficker also creates a backdoor, through which the worm can download and install additional programs from the malware’s creator. Additionally, the worm attempts to prevent its removal by using access control list entries to lock its executable onto the infected system.

The free Conficker removal tool offered by Enigma Software Group executes a four-step procedure to completely disable and remove the Conficker worm from an infected system. First, the Conficker removal tool will disable the Computer Browser, Server and Scheduler Services. This will remove the Admin shares from the system so that the malware cannot spread by using this method. Next, the tool will remove Conficker Services, Conficker AutoRun.inf files and, finally, Conficker Service Files. Every step of the Conficker removal process requires a reboot.
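A host triage check for the symptoms described in this item and in The Laptop Guy's advice above (protective services stopped or disabled, autorun.inf on USB media, admin shares still exposed), written here as an added PowerShell example; it is not Enigma's tool or The Laptop Guy's code. The Windows service short names (wuauserv, wscsvc, WinDefend, ERSvc, WerSvc) are my mapping of the display names the text uses and should be verified on the target Windows version.

```powershell
# Added example (not Enigma's or The Laptop Guy's code): triage for the
# Conficker symptoms described in the text. Service short names are my
# assumed mapping of the display names the text uses.
function Get-ConfickerIndicators {
    $watched = @(
        @{ Name = 'wuauserv';  Label = 'Windows Automatic Update' },
        @{ Name = 'wscsvc';    Label = 'Windows Security Center' },
        @{ Name = 'WinDefend'; Label = 'Windows Defender' },
        @{ Name = 'ERSvc';     Label = 'Windows Error Reporting (XP/2003)' },
        @{ Name = 'WerSvc';    Label = 'Windows Error Reporting (Vista and later)' }
    )
    $findings = @()

    # 1. Protective services stopped or set to Disabled. Conficker turns these
    #    off, so a machine that quietly stopped receiving automatic updates is
    #    suspect even before any file is found.
    foreach ($w in $watched) {
        $svc = Get-Service -Name $w.Name -ErrorAction SilentlyContinue
        if ($null -eq $svc) { continue }   # not present on this Windows version
        $mode = (Get-WmiObject Win32_Service -Filter "Name='$($w.Name)'").StartMode
        if ($svc.Status -ne 'Running' -or $mode -eq 'Disabled') {
            $findings += "$($w.Label) [$($w.Name)]: status $($svc.Status), start mode $mode"
        }
    }

    # 2. autorun.inf on removable media (WMI DriveType 2), the Conficker.B
    #    spreading path via USB sticks. Presence alone is not proof of
    #    infection; report it for a human to inspect.
    foreach ($disk in Get-WmiObject Win32_LogicalDisk -Filter 'DriveType=2') {
        $inf = "$($disk.DeviceID)\autorun.inf"
        if (Test-Path -LiteralPath $inf) {
            $size = (Get-Item -LiteralPath $inf -Force).Length
            $findings += "autorun.inf on removable drive $($disk.DeviceID) ($size bytes)"
        }
    }

    # 3. Admin shares (C$, ADMIN$, ...) the removal tool closes by stopping the
    #    Server service; list them so the network spread path is visible.
    $adminShares = Get-WmiObject Win32_Share | Where-Object { $_.Name -match '^[A-Z]\$$|^ADMIN\$$' }
    foreach ($sh in $adminShares) {
        $findings += "admin share exposed: $($sh.Name) -> $($sh.Path)"
    }

    return $findings
}

$result = @(Get-ConfickerIndicators)
if ($result.Count -eq 0) { 'No Conficker-style indicators found.' } else { $result }
```

Run it from an elevated prompt; the WMI queries for service start mode and shares need administrator rights on most systems.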

Source: Enigma Software Group USA, LLC