Hi :)
QuoteA modified version of an old worm has taken notes from Conficker and is using similar attacks.
The worm 'Neeris' has been active for a few years, but has been updated to target the same Microsoft flaw MS08-067 – which Conficker exploited to become so successful.
Other similarities between Neeris and Conficker are that it downloads a copy of the worm from the attacking machine using HTTP, spreads via autorun, and uses a driver to patch the TCP/IP layer of the system.
http://www.itpro.co.uk/610435/microsoft-warns-of-copycat-conficker-worm (http://www.itpro.co.uk/610435/microsoft-warns-of-copycat-conficker-worm)
More info: http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fNeeris.gen!C (http://www.microsoft.com/security/portal/Entry.aspx?Name=Worm%3aWin32%2fNeeris.gen!C)
Note: I don't know if the journalist over at IT PRO has been sleeping at work or they actually are 2 months ahead of others, but I guess the article is written on April the 4th and not June the 4th. :shock: