Symantec identifies third Downadup/Conficker variant

Downadup variant is better at defending itself from anti-malware technologies.

Ellen Messmer (Network World)
09 March, 2009 07:55
Comments

A third version of Downadup has been identified by Symantec, which says the new variant gives infected machines more powerful instructions to disable anti-virus software and analysis tools, among other actions.

W32.Downadup.C is a modular component for machines currently infected with Downadup. This variant of Downadup, also called Conficker, is not attempting to self-replicate and appears to behave more like a Trojan than a worm, says Vincent Weafer, vice president of Symantec Security Response.

"Think of it as an updated module that's more aggressive, more robust in defending itself," Weafer says.

The W32 Downadup.C variant was discovered Friday in a Symantec honeypot and is still under investigation. Symantec expects to identify additional capabilities shortly, says Weafer, who adds that Symantec has not yet seen W32.Downadup.C in customer networks directly.

Earlier versions of Downadup did attempt to disable anti-virus software, but the third version represented in the Downadup.C module is designed mainly to provide more protective actions to infected Windows-based machines so they can better defend themselves from anti-virus software and other eradication methods.

"It's more aggressive, it has more services," says Weafer.

Come socialise with us! Facebook | LinkedIn

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email ARN
Follow ARN on twitter

More about: Symantec

References show all

W32.Downadup.C Digs in Deeper - Malicious Code - STN Peer-to-Peer Discussion Forums

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"The only lemon around is from the bitter taste in your mouth ..."

Sice quits Acronis, joins Staples
"Corporate express is no longer an IT player. Staples have ruined a ..."

Sice quits Acronis, joins Staples
"CE has left the IT building.... Back to pens and toilet paper. ..."

Sice quits Acronis, joins Staples
"I'm surprised to read that Kogan is a manufacturer, when Kogan mostly ..."

New Kogan Agora tablets run Android 4.0
"The sound from the Asus R501 is truly amazing. I have sold ..."

PRODUCTS: latest from Acer and ASUS

Tags: downadup, worm

ARN Directory | Distributors relevant to this article

Anyware Corporation , Aquion , ASI Solutions , Dicker Data , Express Data , Express Online , Impact Systems Technology , Lynx Technologies , Topstar Computer International , Xpress I.T.

ARN Directory | Vendors relevant to this article

Symantec

Most Read

Get exclusive access to ARN's news, research and invitation only events.

Latest Jobs

CCSAP FICO ConsultantNT
CCOBIEE ConsultantWA
FTSales Account ManagerNSW
FTSAP Basis ConsultantACT
FTChange Management ProfessionalsNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
FTQM Trainer and ConsultantNSW
FTSAP Basis ConsultantNSW
FTSales Account ManagerNSW
CCSAP PM ConsultantNSW
CCAPAC Campaign ManagerNSW

Most Commented

ARN Distributor Directory

Find distributors by name | vendor | location

Channel Deals

/deals/avg/213_avg-internet-security-3-pc-2-year-10-pack-reta

AVG (AU/NZ) Pty Ltd

AVG Internet Security 2012 10 Pack Retail Specials

More details »

ARN Vendor Directory

Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Featured Resources

Aberdeen Group: Building Business Resilience Through Active Archive

One of the key data management challenges organizations often face is how to keep their archived data accessible and active, without spending the time and resources associated with primary storage. The amount of data in the archives can range from one half to 10 times the amount of data actively managed in primary storage. How can end-users gain access to historical files in a reasonable amount of time without pulling IT employees from higher priority projects? Aberdeen's research found the answer in the technologies and processes that comprise active archiving.

Most Popular Resource Papers

Market Potential-Strategy Guide to the Active Archive Market

The active archive market is a growing segment where tape is seen as part of a disk or network fileystem. This means that to an end user disk and tape are “blended” and whether file is held on disk or tape is “invisible” to the end user. The active archive market is the fastest growing space in the storage industry and allows direct end user access to tape through a file system front end.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management