Monday, March 16, 2009

W32.Downadup.C is in the wild. It looks like Conficker is starting to evolve.

It recently received a new set of instructions that are designed more to protect it than to make it spread any further. It is continuing to attack the antivirus software that is used to clean it up. Just as the security industry has gotten into the virus's system for communicating with itself, the virus has gotten a new algorithm that makes it 200 times harder.

This cat-and-mouse game is about to get interesting. We have yet to see a payload from this virus. There is no question that the attack has changed at this point. Without using any new attack to build a larger infection base, it has to hold what it already has. You don’t fight that hard to keep a system infected unless you have a plan for it later.

