Conficker has been a mystery on when it would show its ugly face, but that has all changed. The secret is out on Conficker! Anti-virus companies reported seeing Conficker systems being updated with SpywareProtect2009, a so-called “misleading application” product that uses fake security alerts to frighten consumers into paying for bogus computer security software.
According to Kaspersky Labs, once the scareware is downloaded, the victim will see the usual warnings, “which naturally asks if you want to remove the threats it’s ‘detected’. Of course, this service comes at a price – $49.95.” Kaspersky reports that the rogue anti-virus product is being downloaded from a Web server in Ukraine.
The first version of Conficker contained within its genetic makeup instructions telling infected systems to visit a site called TrafficConverter.biz. This was a site where distributors of rogue anti-virus products would go for the latest programs and links to the latest download locations.
TechJaws published an article about “Online Ads Serving Up Rogue Software” which many of these affiliates were making six-figure paychecks each month distributing this worthless software by various means, including ad networks.
If you have Conficker on your system, you will not be able to use that computer to visit most security sites. There are a few exceptions. For instance, Conficker blocks infected systems from visiting F-Secure.com, but not fsecure.com, which is the same domain.
To remove Conficker please go here.
Hi Frank,
I came across this yesterday, although Tuesday there were signs of life which was thought to be a ‘copycat’ but turned out to be the replacement for Conficker – Downad.E
I have also come across infected machines locally that now have the new rootkit installed, Downad.E is hidden behind it and heavily encrypted as well as Waledac being downloaded along with rogue apps.
This is not good news for those infected, and is sure to be another moneyspinner for those behind with and anticipate many rogue apps to appear as ‘cures’
Enjoy the Easter weekend, mine will be busy sorting out infected machines I think, so much for repotting my Bonsai’s :)
I heard about the Tuesday signs of Conficker, but now we see its dirty side.