We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Symantec spots new variant of Conficker worm

New Downadup version kills antivirus software

A third version of Conficker, also known as Downadup, has been identified by Symantec, which says the new variant gives infected machines more powerful instructions to disable anti-virus software and analysis tools, among other actions.

W32.Downadup.C is a modular component for machines currently infected with Downadup. This variant of Downadup is not attempting to self-replicate and appears to behave more like a Trojan than a worm, said Vincent Weafer, vice president of Symantec Security Response.
"Think of it as an updated module that's more aggressive, more robust in defending itself," Weafer said.

The W32 Downadup.C variant was discovered on Friday in a Symantec honeypot and is still under investigation. Symantec expects to identify additional capabilities shortly, said Weafer, who added that Symantec has not yet seen W32.Downadup.C in customer networks directly.

Earlier versions of Downadup did attempt to disable anti-virus software, but the third version represented in the Downadup.C module is designed mainly to provide more protective actions to infected Windows-based machines so they can better defend themselves from anti-virus software and other eradication methods.

"It's more aggressive, it has more services," said Weafer.

See more PC security advice

How to stop Conficker

Network World


IDG UK Sites

Windows 10 release date, price, features. The next version of Windows will run on everything:....

IDG UK Sites

An Apple fan's perspective on the Windows 10 launch

IDG UK Sites

Sensor-laden kids' watch with 3G launches in Japan

IDG UK Sites

2014 Retina iMac release date rumours, specs and features: 27in 5K Retina iMac 'launching this mont'......