BACK TO PCSTATS Follow PCSTATS on Facebook PCSTATS RSS Feed PCSTATS Twitter Feed + Motherboards
+ Videocards
+ Memory
+ Beginners Guides
News & Advanced Search  Feedback?
[X]   Directory of
Guides & Reviews

Beginners Guides
Weekly Newsletter
Archived Newsletters

Seagate Backup Plus Slim External USB 3.0 2TB Hard Drive Review
Kaspersky Lab analyses new version of Kido (Conficker) - Kaspersky Lab analyses new version of Kido (Conficker)
Sat, April 11 2009 | 2:49AM | PermaLink Feedback?
Kaspersky Lab, a leading developer of secure content management solutions, announces that a new version of the malicious program Kido (aka Conficker and Downadup) has been detected. During the night of 8th/9th April, computers infected with Trojan-Downloader.Win32.Kido (aka Conficker.c) contacted each other over P2P, telling infected machines to download new malicious files, thus activating the Kido botnet. This latest Kido variant differs significantly from previous variants: the malware is now once again a worm. Initial analyses suggest it has date-limited functionality until 3rd May 2009. In addition to downloading updates for itself, Kido also downloads two new files to infected machines. One is a rogue antivirus application (detected as FraudTool.Win32.SpywareProtect2009.s) that is being spread from sites located in Ukraine. When it's run, the program offers to delete "detected viruses" for a charge of $49.95. The second file which Kido downloads to infected systems is Email-Worm.Win32.Iksmas.atz. This email worm is also known as Waledac, and is able to steal data and send spam. When this malicious program was first detected in January 2009, a lot of IT experts noted the similarity between Kido and Iksmas. The Kido epidemic was mirrored by an email epidemic of a similar scale caused by Iksmas. "Over a 12-hour period, Iksmas connected to its control centers around the globe a number of times and received commands to send out spam mailings. In just 12 hours, one bot alone sent out 42,298 spam messages," Aleks Gostev, head of Kaspersky Lab's Global Research and Analysis Team, said in comments about the current situation. "Virtually every email contained a unique domain. This was obviously done to prevent anti-spam filters from detecting the mass mailings using methods that analyze the frequency with which a specific domain is used. Overall, we detected the use of 40,542 third-level domains and 33 second-level domains. Virtually all of these sites are located in China and are registered in the names of various people, most probably invented. "A simple calculation shows that one Iksmas bot sends out around 80 000 emails in 24 hours. Assuming that there are 5 million infected machines out there, the botnet could send out about 400 billion spam messages over a 24-hour period!" Kaspersky Lab is currently carrying out a detailed analysis of the new Kido variant. The company's experts are working on a new version of the KKiller utility, taking into account the specific functionality of the latest version of the worm. Users of Kaspersky Lab products have no cause for concern - the new version of the Kido worm (Net-Worm.Win32.Kido.js) has been detected heuristically from the outset (as HEUR:Worm.Win32.Generic), as has the variant of Iksmas that it downloads.
Original URL, circa 2009:

News Archives by Category
Audio / Sound Beginners Guides Benchmarks
Biometrics BIOS Business / Industry
Cases Chipset Computer / SFF PCs
Cooling / Heatsinks CPU / Processors Digital Cameras
Drivers Editorial Games
Gossip Hard Drives/SSD Hardware
Home Theatre Imaging Memory
Mobile Devices Monitors Motherboards
Mouse Pads MP3 Players Networking
Notebooks Operating System Optical Drives
Overclocking Peripherals Power Supply
Press Release Printers Servers
Site News Software Tips
Tradeshows / Events Video Cards Web News
   06 / 23 / 2018 | 12:24AM
Hardware Sections 

PCSTATS Network Features Information About Us Contact
PCSTATS Newsletter
ShoppingList Assistance
Tech Glossary
Technology WebSite Listings
PermaLink News
Archived News
Submit News (Review RSS Feed)
Site Map
PCstats Wallpaper
About Us
Privacy Policy
Advertise on PCSTATS

How's Our Driving?
© Copyright 1999-2018 All rights reserved. Privacy policy and Terms of Use.