There are always new computer worms and viruses. Actually computer worms are a bit different as they target getting onto a computer and opening it up to someone to drop a virus or whatever they would like. Getting a worm on your computer will make your computer a member of a botnet, an army of computers that can take down websites or springboard out a new virus.
Some security researchers believe that the Conficker worm has penetrated more computers than any worm yet seen on the planet. It continues to gobble up insufficiently protected operating systems at an alarming rate. You might remember the big Storm worm computer menace of 2007 — well it turns out that Conficker has surpassed Storm’s peak of infection, and now possibly resides on millions of computers.
Anti-viral top-dog Symantec have reportedly noticed an upgrade to the Conficker worm that has been going out to infected systems — sort of a worm patch, if you will. The new code hardens the defenses of Conficker against the growing consortium of anti-malware makers that have been trying their best to keep the worm under control.
The ‘update’ of Conficker appears to be the first time the trojan has phoned-home and communicated with the Conficker HQ. Before, all the calls home went unanswered.
Once a system is compromised by Conficker, the worm will prevent the host computer from connecting with a long blacklist of anti-malware websites. Conficker takes advantage of a gaping Windows security hole. Microsoft has put out a patch for this hole a while ago, but if your computer is infected with Conficker before you had a chance to get the security hot-fix, Conficker will prevent your machine from accessing Windows Update. So a friendly reminder: always do your best to keep your OS well updated.
Conficker’s update greatly raises the amount of domains the worm will contact on a compromised computer. Previously, Conficker would contact 250 domains a day. But security researchers anticipated what domains it would contact, so they could shut them down. But now Conficker 2.0 is capable of connecting with 50,000 pseudo-random domains a day.
