April 27, 2009
The Conficker worm has already infected millions of computers and was expected to launch activity on April 1st. However, the worm has just started to slowly activate recently, weeks after its anticipated launch date.
The Conficker worm started to spread to millions of PCs last year, and it seems to now be turning the hosts it has infected into servers for e-mail spam, according to security experts. Analysts haven’t discovered the source of the virus. However, Vincent Weafer, a Symantec Security Response Vice President, says that the creators started using infected machines for unlawful purposes during recent weeks. This has been done by the worm installing another virus, Waledac, onto some of the computers.
Waledac is a virus that turns the infected computer into a botnet which sends out spam through e-mail. Another virus that Conficker carries prompts the owners of the infected PCs to buy Spyware Protect 2009, a fake anti-virus program. If the owners buy the fake program, their credit card information is stolen and then the virus will download more malware.
Researchers initially thought that Conficker would go active at the first of April since is was programmed to further communication attempts starting that day. Some success at crippling the virus has taken place by a security task force that industry experts have created. They have been able to block access to servers that control botnet computers.
Weafer says that people can expect the virus to be long-term and change slowly. This isn’t going to be aggressive and fast, he added.
