FW: Conficker Worm Awakens, Downloads Rogue Anti-virus Software

["Larry Seltzer" <larry () larryseltzer com>]

It’s early in the morning. Remind me again why the perpetrators of these rogue anti-spyware products aren’t easily 
traceable through the payments

 

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

 

Feed: Security Fix
Posted on: Friday, April 10, 2009 8:01 AM
Author: Security Fix
Subject: Conficker Worm Awakens, Downloads Rogue Anti-virus Software

 

Security experts nervously watching computers infested with the prolific Conficker computer worm say they have begun 
seeing infected hosts downloading additional software, including a new rogue anti-virus product. Since its debut late 
last year, the collection of hundreds of thousands - if not millions - of systems sick with Conficker has somewhat 
baffled security researchers, who are accustomed to seeing such massive networks being used for money-making criminal 
activities, such as relaying junk e-mail. Today, however, that mystery evaporated, as anti-virus companies reported 
seeing Conficker systems being updated with SpywareProtect2009, a so-called "scareware" product that uses fake security 
alerts to frighten consumers into paying for bogus computer security software. According to Kaspersky Labs, once the 
scareware is downloaded, the victim will see the usual warnings, "which naturally asks if you want to remove the 
threats it's 'detected'. Of course, this service comes at a price - $49.95." Kaspersky reports that

 <http://www.pheedo.com/click.phdo?s=58571342063667f4d6c07f6b33cd430d&p=1> 


View article... <http://feeds.voices.washingtonpost.com/click.phdo?i=58571342063667f4d6c07f6b33cd430d> 

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.