[Nfbf-l] Fw: Accessible Devices Conficker worm Becomes Active, Begins Peddling Rogue AntiVirus Program
Sherri
flmom2006 at gmail.com
Mon Apr 13 05:03:05 UTC 2009
Please make sure your Microsoft updates are current and that you have a good
antivirus scanner with current updates.
Sherri
----- Original Message -----
From: "Parker at Vip conduit" <Vipcomm at mchsi.com>
To: "Accessible Devices" <a-d at accessible-devices.com>
Sent: Friday, April 10, 2009 5:29 PM
Subject: Accessible Devices Conficker worm Becomes Active,Begins Peddling
Rogue AntiVirus Program
> This article is well worth reading.
> Researchers discovered a new variant of the Conficker worm Thursday whose
> mission
> is to cash in on unsuspecting PC users. Security companies are warning
> that the variant
> is attempting to download malicious code onto victims' systems, possibly
> including
> copies of the Waledac Trojan, a spam-oriented application that has
> propagated through
> bogus e-mail messages.
> The malware authors seem to be making headway after a false start on April
> 1. US-CERT
> said it's aware of reports indicating a widespread infection of the
> Conficker/Downadup
> worm, which can infect a Microsoft Windows system from a thumb drive, a
> network share,
> or across a corporate network if the network servers don't have the
> MS08-067 patch
> from Microsoft.
> What Happens Next?
> What happens next is up to the controllers of Conficker, according to
> Richard Wang,
> a manager at Sophos. There have been no significant updates since
> Thursday. The new
> Conficker variant, complete with enhanced features, is spreading, he said,
> and the
> malware authors are in a position to supply whatever updates they choose
> into the
> Conficker network.
> One of Conficker's early moves was to download rogue security software
> onto infected
> PCs. "The fake security software that is downloaded is very visible. It
> will display
> messages and fake security scan results to users, urging them to purchase
> additional
> protection software," Wang said. "If it's on your PC, it's hard to miss."
> The scareware is called Spyware Protect 2009. The program displays a
> pop-up message
> that tells a victim the computer is infected and says software is
> available to remove
> the fake antivirus program for $49.95. The victim is then sent to a fake
> Web site
> to enter credit-card information. The cybercriminals walk away with the
> money and
> the victim gets nothing but the bill. Security researchers warn that
> Conficker could
> be used to launch further attacks that are likely to focus on financial
> gain.
> Staying Vigilant
> The publicity surrounding Conficker has been widespread, but security
> researchers
> agree there are always more people to reach. As Wang noted, new users sign
> on to
> the Internet every day, so the process of computer-security education is
> never-ending.
> One of the key messages that needs to be repeated is that detection and
> removal can
> be accomplished with any good antivirus product. Separate removal tools
> are available
> and can be convenient, but they only deal with Conficker and do not secure
> a PC against
> other threats.
> "People should be protecting their computers every day against all
> threats. Focusing
> on one particular threat at the expense of others can be
> counterproductive. Putting
> good security measures in place will help protect you against all
> threats," Wang
> said.
> "People must also remember that security software should be used alongside
> good security
> practices, not instead of them," he added. "Keep your software patched and
> up to
> date, use strong passwords, and don't trust strangers on the Internet any
> more than
> you would trust strangers on the street."
>
> www.vipconduit.com
> and
> www.accessible-devices.com
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> <http://mail.accessible-devices.com/pipermail/a-d_accessible-devices.com/attachments/20090410/a9b16724/attachment.html>
> This is an Announce only list. Subscribers are not able to post to this
> list.
> To unsubscribe from the Accessible Devices list copy the line below.
> Paste it in
> the To: line of a blank message and send it.
> a-d-unsubscribe at accessible-devices.com
> Please feel free to pass this message on to a friend who might like to
> subscribe.
> To subscribe to Accessible Devices send a blank e mail to:
> a-d-subscribe at accessible-devices.com
> Just follow the directions in the confirmation message when it comes.
> Please Note: Accessible Devices is not able to provide tech support for
> software or products that we supply information about.
>
>
> _______________________________________________
> A-d mailing list
> A-d at accessible-devices.com
> http://mail.accessible-devices.com/mailman/listinfo/a-d_accessible-devices.com
More information about the NFBF-L
mailing list