Microsoft warns of copycat Conficker worm

A modified version of an old worm has taken notes from Conficker and is using similar attacks.

The 1 April Conficker scare may have come and gone, but Microsoft has uncovered a new worm that has updated itself to imitate Conficker's characteristics.

The worm Neeris' has been active for a few years, but has been updated to target the same Microsoft flaw MS08-067 which Conficker exploited to become so successful.

Advertisement - Article continues below

Other similarities between Neeris and Conficker are that it downloads a copy of the worm from the attacking machine using HTTP, spreads via autorun, and uses a driver to patch the TCP/IP layer of the system.

Microsoft researchers Ziv Mador and Aaron Putnam wrote on the Malware Protection Centre blog that it was interesting that the variant of Neeris spiked' between late 31 March and 1 April, when the Conficker hype was at its highest.

However, no Conficker variant downloaded Neeris and there was no evidence it was related to Conficker.D's 1 April algorithm change.

They said: "The earliest samples of Neeris date back to May 2005, so it seems the Conficker authors may be the copycats here... But the Neeris authors added the MS08-067 vector later."

"Therefore it is possible that these miscreants somehow collaborate or at least are aware of each other's products'."

The researchers similar fixes apply to Neeris as to Conficker. They advised installing the MS08-67 patch, use only AutoPlay options that were familiar, and consider disabling autorun altogether.

Advertisement
Advertisement - Article continues below

More fixes and information about Neeris are available here.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020
Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Visit/security/34616/the-top-ten-password-cracking-techniques-used-by-hackers
Security

The top ten password-cracking techniques used by hackers

5 May 2020
Visit/mobile/5g/355712/nokia-5g-speed-record
5G

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Visit/cloud/cloud-computing/355742/microsoft-launches-public-cloud-service-for-health-care
cloud computing

Microsoft launches public cloud service for health care

21 May 2020