From PC World: A third version of Downadup has been identified by Symantec, which says the new variant gives infected machines more powerful instructions to disable antivirus software and analysis tools, among other actions. W32.Downadup.C is a modular component for machines currently infected with Downadup. This variant of Downadup, also called Conficker, is not attempting to self-replicate and appears to behave more like a Trojan than a worm, says Vincent Weafer, vice president of Symantec Security Response. "Think of it as an updated module that's more aggressive, more robust in defending itself," Weafer says. The W32 Downadup.C variant was discovered Friday in a Symantec honeypot and is still under investigation. Symantec expects to identify additional capabilities shortly, says Weafer, who adds that Symantec has not yet seen W32.Downadup.C in customer networks directly. View: Article @ Source Site |