Wilders security forums being blocked by malware

Kaspersky issued a "moderate" severity advisory on the "kido" worm...according to their write-up, looks like this forum has caught the attention of the malware creators.... you lot should be proud this place is that popular


http://www.viruslist.com/en/viruses/encyclopedia?virusid=21782725

 

It's a variant of Conficker/Downadup worm, already isolated at the end of December. It blocks DNS queries to various security related websites.

 

Hooray!

 

SSupdater anyone?

 

F-Secure have a few writeups in their blog about the Conficker/Downadup/Kido worm. (See http://www.f-secure.com/weblog)

 

Whippy........bravo............

I am sooooooooooo unlucky that I didn't got hit by the malware. I would love to. You know, whenever my PC gets infected I get a warm fuzzy feeling.

@Baz_kasp

Just count your blessings.

 

Does it block DNS look-up by inserting an entry into your hosts file?
If so, OA paid certainly monitors your hosts file to alert you to this.

 

Probably not... the "in" way at the moment is to use ndis to block/reroute requests from what I've read....

 

Don't understand why it disabled System Restore; many people automatically turn to Sys Restore to restore a clean copy. It could just manifest its self within Restore.