Security Hero Rotating Header Image

Kaspersky Lab analyses new version of Kido (Conficker)

Kaspersky Lab analyses new version of Kido (Conficker)

Kaspersky Lab, a leading developer of secure content management solutions, announces that a new version of the malicious program Kido (aka Conficker and Downadup) has been detected. During the night of 8th/9th April, computers infected with Trojan-Downloader.Win32.Kido (aka Conficker.c) contacted each other over P2P, telling infected machines to download new malicious files, thus activating the Kido botnet.

This latest Kido variant differs significantly from previous variants: the malware is now once again a worm. Initial analyses suggest it has date-limited functionality until 3rd May 2009. In addition to downloading updates for itself, Kido also downloads two new files to infected machines. One is a rogue antivirus application (detected as FraudTool.Win32.SpywareProtect2009.s) that is being spread from sites located in Ukraine. When itˇ¦s run, the program offers to delete ˇ§detected virusesˇ¨ for a charge of $49.95.


Leave a Reply

Your email address will not be published. Required fields are marked *