Wednesday, April 1, 2009

clamav detects conficker

Taken from http://www.clamav.net/2009/01/29/conficker-aka-downadup/

Some of you may have heard of a current major outbreak of a virus known as Downadup that has been reported at http://news.bbc.co.uk/1/hi/technology/7842013.stm and http://news.bbc.co.uk/1/hi/technology/7832652.stm. It has been estimated that move than 9 million PCs are infected across the world.

ClamAV detects Downadup, also known as Conficker, as Worm.Downadup. Once on a system it downloads components that ClamAV detects as members of the Trojan.Downloader- family of signatures.

The virus primarily exploits MS08-067; it can also spread through USB sticks. Since the virus is not spread by email we don’t expect to see much activity in our core user-base, which tends to use ClamAV to scan emails. We are, nevertheless, keeping an eye out for it through freshclam’s statistics gathering system – we are yet to see any obvious spike of activity from it. If we hear anything we’ll let you know.


at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Nvidia new hotplug feature on Linux

 If you use nvidia driver for your GPU, you probably wonder why in some config, you can't hotplug your second monitor. You need to reboo...