27 Comments

1. Kaspersky Labs USA » Conficker wakes up, updates via P2P, drops payload said:

   Wednesday, 8. April 2009 um 11:19 pm

   [...] servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik [...]

2. Malware Diaries » Blog Archive » Conficker alive and well with new variant update via P2P said:

   Thursday, 9. April 2009 um 12:30 am

   [...] some evidence links Conficker with the Waledac malware family also known for its large botnets, and worth [...]

3. TECHGEEK.com.au : Trend Micro : New variant of Conficker in the wild said:

   Thursday, 9. April 2009 um 2:06 am

   [...] “This new Downad/Conficker variant is talking to servers which are known already for being associated with the Waledac family of malware, in order to download further malicious components. These components have so far been missing, but could this finally be the “other boot dropping” that we have all been waiting for?” Rick Ferguson wrote on the Trend Micro’s Countermeasures blog. [...]

4. Conficker wakes up, updates via P2P, drops payload | NJN Network said:

   Thursday, 9. April 2009 um 3:31 am

   [...] servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik [...]

5. Cloud Computing Adoption Comes Down To Trust and Openness | Tek Tips Blogs said:

   Thursday, 9. April 2009 um 6:47 am

   [...] back in a new form. TrendLabs have this evening discovered a new variant of Downad/Conficker called WORM_DOWNAD.E spreading over the peer-to-peer functionality of the previous version of this now infamous [...]

6. Trend Micro entdeckt neue Conficker-Variante - Security | News | ZDNet.de said:

   Thursday, 9. April 2009 um 9:17 am

   [...] Conficker mit der Bezeichnung WORM_DOWNAD.E entdeckt, die

7. Conficker wakes up, updates, drops payload | Between the Lines | ZDNet.com said:

   Thursday, 9. April 2009 um 10:21 am

   [...] servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik [...]

8. Conficker botnet stirs to distribute update payload - Computer Forums said:

   Thursday, 9. April 2009 um 11:36 am

   [...] potential clues on the origins of the worm, because of possible links to other malware. Trend Micro reports that the new Downadup/Conficker variant is talking to servers associated with the Waledac family of [...]

9. Conficker alive and well with new variant update via P2P said:

   Thursday, 9. April 2009 um 12:13 pm

   [...] some evidence links Conficker with the Waledac malware family also known for its large botnets, and worth [...]

10. Conficker wakes up, updates, drops payload | The IT Security Attaché said:

    Thursday, 9. April 2009 um 12:21 pm

    [...] for the second point, researchers said the worm tries to access a known Waledac domain and download another encrypted file, but they’re [...]

11. Conficker.E: Aufgewacht und »Ready to Rock!« - The Inquirer DE said:

    Thursday, 9. April 2009 um 12:54 pm

    [...] TrendMicro-Meldung TrendMicro-Analyse Conficker Working Group // [...]

12. Dennison Technology Group Inc. » The Conficker worm is finally active. said:

    Thursday, 9. April 2009 um 2:25 pm

    [...] for the second point, researchers said the worm tries to access a known Waledac domain and download another encrypted file, but they’re [...]

13. Conficker deve tentar novo ataque em maio « 1security’s Blog said:

    Thursday, 9. April 2009 um 4:15 pm

    [...] TrendMicro divulgou, em seu blog de segurança, que o malware Conficker recebeu novas orientações via conexões P2P para disparar uma onda de [...]

14. .:: Securnetwork.net Blog - Massimo Rabbi ::. » Conficker ora si aggiorna! said:

    Thursday, 9. April 2009 um 5:17 pm

    [...] esistenti e utilizzando da quel momento in poi nomi di file e servizi in maniera random. Il worm si mette in ascolto sulla porta TCP 5114, in attesa di richieste in grado di essere processate dal mini-server HTTP [...]

15. New Downad/Conficker variant spreading over P2P » Counter Measures | thepostingsecrets said:

    Thursday, 9. April 2009 um 8:50 pm

    [...] Original post: New Downad/Conficker variant spreading over P2P » Counter Measures [...]

16. Conficker si è svegliato, altro che pesce d’aprile - The New Blog Times said:

    Thursday, 9. April 2009 um 9:17 pm

    [...] Conficker comunica con i server associati alla famiglia di malware Waledac e con la botnet Storm, spiega Rik Ferguson di Trend [...]

17. El nuevo Conficker ya no se conecta a dominios | Shadow Security said:

    Friday, 10. April 2009 um 12:06 am

    [...] cuanto al segundo punto, los investigadores dicen que el gusano intenta acceder a un dominio conocido de Waledac y descargar otro archivo cifrado, [...]

18. blog.grospolina.net said:

    Friday, 10. April 2009 um 9:15 am

    …

    Tja, da gehen die sog. Experten hin und registrieren sich domains die der Conficker-Wurm anlegen wird,
    um ein Update zu Verhindern, was ja eh aussichtlos erscheinen musste,
    und dann geht der sucker hin und macht etwas vollkommen anderes.
    Jede noch s…

19. Top 10 Websites To Learn The Art Of Being A Fashionista | Classics Blog said:

    Friday, 10. April 2009 um 12:29 pm

    [...] New Downad/Conficker variant spreading over P2P » Counter Measures [...]

20. File Extension Torrent | Gadgets & Tech said:

    Friday, 10. April 2009 um 1:40 pm

    [...] New Downad/Conficker variant spreading over P2P » Counter Measures [...]

21. Conficker wakes up, updates via P2P, drops payload | Cyberphunkz Tech Blog said:

    Friday, 10. April 2009 um 3:35 pm

    [...] servers that are associated with the Waledac family of malware and its Storm botnet, according to a separate blog post by Trend Micro security researcher Rik [...]

22. Conficker: Neue Variante sorgt für neue Panik said:

    Friday, 10. April 2009 um 8:52 pm

    [...] Ewell konnte Symantec solche Verbindungen der Schädlinge untereinander bereits beobachten. Auch Rik Ferguson von TrendMicro spricht – wenn auch sehr vorsichtig – von so einer möglichen [...]

23. Conficker disparará novos ataques em 3 de maio said:

    Saturday, 11. April 2009 um 3:13 am

    [...] uma nova onda de ataques no dia 3 de maio. A informação foi divulgada pela empresa de segurança TrendMicro. O worm de rede recebeu recentemente instruções via conexões [...]

24. Trend Micro: Conficker się obudził i instaluje spyware | covalic ...bo grafika jest dla ludzi said:

    Saturday, 11. April 2009 um 4:08 pm

    [...] po ostatniej aktualizacji, oprócz dodania nowych możliwości powielania się, Conficker zaczął łączyć się z serwerami rodziny szkodników Waledec i jej botnetem Storm. Po nawiązaniu z nimi kontaktu, robak próbuje [...]

25. Heise Meldung: Conficker-Wurm lädt jetzt doch nach said:

    Tuesday, 14. April 2009 um 8:40 am

    [...] Registry-Einträge löscht und fortan mit zufälligen Dateinamen und Dienstnamen arbeitet. Zudem öffnet der Wurm nun den Port 5114 und lauscht mit einem eingebauten HTTP-Server auf Verbindungsanfragen. [...]

26. Conficker acorda e instala conteúdo desconhecido nos micros infectados | Tumulto said:

    Monday, 20. April 2009 um 7:51 pm

    [...] houve conexão com servidores relacionados ao malware Waledac, que teria sido criado pelos responsáveis pela rede [...]

27. The ultimate guide to scareware protection « AES IT Security said:

    Tuesday, 27. October 2009 um 6:08 pm

    [...] botnet gang has already made three attempts to monetize the millions of infected hosts, by reselling access to them to two different gangs, but has also attempted to install scareware on [...]

Leave a comment