Alerts

Updated Variant of the Downadup Worm Identified in the Wild

BUCHAREST, Romania

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

MicrosoftInternetExplorer4

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:”Calibri”,”sans-serif”;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-fareast-font-family:”Times New Roman”;
mso-fareast-theme-font:minor-fareast;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:”Times New Roman”;
mso-bidi-theme-font:minor-bidi;}

 

New Downadup

 

In
addition to blocking access to any website of antivirus vendors, as well as
third-parties offering online scanning services or removal tools, the malicious
binary has been updated to refuse users access to http://bdtools.net,
BitDefender’s online repository for distributing disinfection and removal
tools.

The
updated disinfection tools are now available online at www.disinfecttools.com, a domain that
is not currently blacklisted on the compromised machines.

All
the BitDefender 2009 products detect the worm as Win32.Worm.Downadup.Gen and stop its
execution before it is able to perform changes on the system. In order to stay
safe while surfing the Web, BitDefender recommends that you install a complete
and up-to-date anti-malware software solution.

BitDefender provides one of
the industry’s fastest and most effective lines of internationally certified
security software, setting new standards for proactive threat prevention since
2001. Through our global network of partners our technology protects over 41
million home and corporate users in more than 100 countries, and in some of the
world’s largest corporations.