Recover Lost Documents

Security companies are cautioning PC users of a new variant of the Conflicker worm that is attempting to download malicious code onto victims’ systems, possibly including copies of the Waledac Trojan, a spam-oriented application that originates through phony e-mails.

Jennifer LeClaire stated in her report for Newsfactor.com that US-CERT said it’s aware of reports of a widespread infection of the Conflicker/Downadup worm. This worm can infect a Microsoft Windows system from a thumb drive, a network share, or across a corporate network if the network servers don’t have Microsoft’s MS08-067 patch.

Richard Wang, a manager at Sophos, stated that the new Conflicker variant is spreading, and the malware authors are in a position to supply whatever updates they want into the Conflicker network.

One of Conflicker’s early actions was the downloading of rogue security software onto infected computers. Scareware called Spyware Protect 2009 would display a pop-up message that informs a victim that their computer is infected and suggests software to remove the phony anti-virus program for $49.95. The victim is taken to a fake Web site to enter their credit-card information, which the cybercrook uses to their advantage.

Security researchers are warning that Conflicker could be utilized to set off further attacks that are likely to focus on financial gain.

Wang stated that detection and removal can be accomplished with any good anti-virus product. He further said that people should know that security software should be used along with good security practices. He strongly urges people to ensure that their software is patched and up to date, utilize strong passwords, and to never trust strangers on the Web.