Conficker worm becomes more sophisticated

Researchers at Symantec Corp. have announced that a new version of Conficker worm aims at severing the link between the worm and its hacker controllers.

Conficker, also known as "Downadup," had benefited from Microsoft vulnerability and spread to millions of computers before about 20 organizations, including Microsoft, Symantec, VeriSign Inc. and ICANN, had started jointly fighting the virus by preemptively registering the Internet addresses Conficker's controllers used to hold on to infected machines.

However, the new Conficker.c is advanced, as, instead of generating 250 possible domains each day to direct instructions from hackers, it generates 50,000 of them. Moreover, researchers have found out the new version was protected against tools often used to find out and fight malware. At the same time, as the new version of virus is being generated only on the computers infected with Conficker, and the number of those is decreasing, it can be said that the peak of that virus is in the past already. 

In order to protect users from the worm, Microsoft urges installation of MS08-067 security update. The company has also announced a $250,000 reward for information on the worm's source.