Conficker worm reappears

Electronics accessory maker Hama has admitted that a 35mm photographic film scanner sold to German consumers over Christmas came with a software disk infected with the irrepressible Conficker worm.

Reported earlier this month but only noticed by eagle-eyed reporters now, the report on Heise Security said that the slide scanner, sold through the Tchibo chain for about £50 (US$79) a shot, loaded the malware when the main executable was run.

Having appeared all of four years ago, the Conficker.b variant can be detected with any antivirus scanner but consumers should not underestimate the malware's ability to jump on to unprotected systems.

As is typical for worms that use storage to spread, it makes that leap via the Windows autorun routine. (See also "Conficker Set to Strike: Protect Yourself with These Tips and Tools.")

Stories of malware turning up on commercial install disks are far from unheard of. But Conficker's story makes it one of the most mysterious pieces of malware ever discovered.

Origin remains a mystery

Set to activate on April 1, 2009 (although discovered in late 2008), and managing to infect millions of PCs, researchers never figured out what it was trying to do or who created it.

It remains an enigma to this day although there have been plenty of theories. It has even been claimed that Conficker was part of the US cyberwar campaign that included the equally odd Stuxnet discovered in 2010.

The belief that Conficker was part of a state-to-state cyberweapons campaign has gained weight with the revelation since 2009 of a clutch of programs that bear some of its characteristic opacity and aimlessness.

To this day it remains a common if little commented upon threat in many countries' malware report tables.

Subscribe to the Best of TechHive Newsletter

Comments