
Trend Micro detects new activity from Conficker worm

by Scott Bicheno on 9 April 2009, 14:46

Tags: Trend Micro

Quick Link: HEXUS.net/qaruc


Uh oh

Security software maker Trend Micro publishes a blog in which it gives updates on the latest state of play in the world of malware.

Its latest post concerns the much-feared worm called Conficker (also known as DOWNAD), which had been expected to spring into malevolent life on 1 April. That didn't happen, but Trend has recently detected signs of activity from the worm.

"Days after the April 1st activation date of Conficker, nothing interesting was seen so far in our Downad/Conficker monitoring system except the continuous checking of dates and times via Internet sites, checking of updates via HTTP, and the increasing P2P communications from the Conficker peer nodes," opens the post.

"Well that was until last night when we saw a new file (119,296 bytes) in the Windows Temp folder. Checking on the file properties reveals that the file was created exactly on April 7, 2009 at 07:41:21."

Trend goes on to propose that this is a new variant of the worm called WORM_DOWNAD.E. It apparently leaves no trace of itself on the machine after running. The blog concludes by saying "The Conficker/Downad P2P communications is now running in full swing!"

HEXUS Forums :: 2 Comments

I'll be watching http://isc.sans.org/diary.html?storyid=6157 closely. I've checked all networks I take care of using nmap and snort and they look to be clean, which is good.

We have seen some activity from this over the last few days.

Popups and error logs filling up due to brute force attempts

“The SAM database was unable to lockout the account of account-name due to a resource error, such as a hard disk write failure (the specific error code is in the error data) . Accounts are locked after a certain number of bad passwords are provided so please consider resetting the password of the account mentioned above.”

This is W32.Downadup.B.
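The SAM lockout message quoted in the second comment is the kind of signal worth triaging automatically rather than reading off a flooded event log by hand. The following Python script is an added example and is not part of the article or either comment: it parses constructed log lines that carry that message, groups the failures by the account name embedded in the text, and flags any account whose failures cluster tightly enough to look like password guessing. The log line layout (timestamp, source, message on one line), the sample account names and the threshold and window values are assumptions chosen for the demonstration.

```python
import re
from datetime import datetime

# Wording of the Windows SAM lockout-failure event quoted in the comment above;
# the account name is the only part that varies between lines.
LOCKOUT_MSG = (
    "The SAM database was unable to lockout the account of {account} due to a "
    "resource error, such as a hard disk write failure (the specific error code "
    "is in the error data). Accounts are locked after a certain number of bad "
    "passwords are provided so please consider resetting the password of the "
    "account mentioned above."
)

# Matches the lockout message and captures the account it refers to.
LOCKOUT_RE = re.compile(
    r"The SAM database was unable to lockout the account of (?P<account>\S+) "
    r"due to a resource error"
)

# Constructed sample log (assumed layout: "YYYY-MM-DD HH:MM:SS <source> <message>").
# Account names and times are invented for the example; one unrelated line is
# included to show that non-matching events are ignored.
SAMPLE_LOG = "\n".join([
    "2009-04-07 07:40:02 SAM " + LOCKOUT_MSG.format(account="jsmith"),
    "2009-04-07 07:40:03 SAM " + LOCKOUT_MSG.format(account="jsmith"),
    "2009-04-07 07:40:05 Service Control Manager The Print Spooler service entered the running state.",
    "2009-04-07 07:40:07 SAM " + LOCKOUT_MSG.format(account="jsmith"),
    "2009-04-07 07:40:09 SAM " + LOCKOUT_MSG.format(account="jsmith"),
    "2009-04-07 07:41:00 SAM " + LOCKOUT_MSG.format(account="administrator"),
    "2009-04-07 07:43:30 SAM " + LOCKOUT_MSG.format(account="administrator"),
    "2009-04-07 07:46:00 SAM " + LOCKOUT_MSG.format(account="administrator"),
    "2009-04-07 07:50:12 SAM " + LOCKOUT_MSG.format(account="backup"),
])


def parse_lockout_events(text):
    """Return a list of (timestamp, account) for every lockout-failure line."""
    events = []
    for line in text.splitlines():
        match = LOCKOUT_RE.search(line)
        if not match:
            continue  # not a SAM lockout failure; skip
        timestamp = datetime.strptime(line[:19], "%Y-%m-%d %H:%M:%S")
        events.append((timestamp, match.group("account")))
    return events


def flag_bruteforce(events, threshold=3, window_seconds=60):
    """Map account -> peak number of failures seen inside any sliding window.

    Only accounts whose peak reaches `threshold` are returned, so a handful of
    genuine typos spread over minutes does not trip the check, while a burst
    of failures against one account does.
    """
    by_account = {}
    for timestamp, account in events:
        by_account.setdefault(account, []).append(timestamp)

    flagged = {}
    for account, times in by_account.items():
        times.sort()
        start = 0
        peak = 0
        for end, current in enumerate(times):
            # Slide the window start forward until it fits within window_seconds.
            while (current - times[start]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[account] = peak
    return flagged


if __name__ == "__main__":
    found = parse_lockout_events(SAMPLE_LOG)
    print(f"{len(found)} lockout-failure events parsed")
    for account, peak in flag_bruteforce(found).items():
        print(f"possible password guessing against '{account}': {peak} failures in 60s")
```

Running the script against the constructed sample reports only `jsmith`, whose four failures land inside ten seconds; `administrator` is not flagged because its three failures are minutes apart. Feeding it a real export of the System log (one event per line, timestamp first) is the intended use; the threshold and window should be tuned to the lockout policy actually in force on the domain.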