Millions of PCs infected with the Conficker virus have received a series of updated files over peer-to-peer connections that improve the worm’s defenses against security products and also include a sniffer and some fake anti-virus software.
This is just the latest major update for Conficker, whose creators have been sending out periodic changes to the worm and instructing infected machines to visit various servers to download new packages. Network World reports:
The new update also tells Conficker to contact MySpace.com, MSN.com, Ebay.com, CNN.com and AOL.com apparently to confirm that the infected machine is connected to the Internet, Ferguson said. It also blocks infected PCs from visiting some Web sites. Previous Conficker versions wouldn’t let people browse to the Web sites of security companies.
See the full report here.