From the “Aren’t we done yet with Conficker?” files:
Yesterday I wrote about the latest variant of Conficker. Additional details on the new variant have emerged that indicate that the worm is now using its infected hosts to send spam e-mail.
The new Conficker worm (also known as Kido) downloaded scareware — a fake antivirus application offer on infected users’ PCs. It also downloaded the Waledac spam worm also known as Email-Worm.Win32.Iksmas.atz.
“Over a 12-hour period, Iksmas connected to its control centers around the globe a number of times and received commands to send out spam mailings. In just 12 hours, one bot alone sent out 42,298 spam messages,” Aleks Gostev, head of Kaspersky Lab’s Global Research and Analysis Team, said in a statement.