Conficker now expected to spread email spam and host spyware

Speaking to the Daily Mail, Vincent Weafer, vice president of Symantec Security Response, claimed that Conficker is slowly being activated as a method to quietly turn thousands of computers into servers of email spam and spyware hosts.

Weafer said: “Expect this to be long-term, slowly changing. It's not going to be fast, aggressive.” He also claimed that it will download the Waledac virus to recruit the PCs into a second botnet that is used to distribute email spam.

Paul Ferguson, senior researcher with Trend Micro, claimed that the authors of Conficker are likely to have installed a spam engine and another malicious software program on tens of thousands of computers since April 7.

Jason Miller, Shavlik's security and data team manager, previously claimed that Conficker.E has a kill date of May 3 and will cease to be functional from that date, although it is possible that it could be taken over by another botnet controller.

Meanwhile, Shawn Henry, assistant director of the FBI's cyber division, claimed at the RSA conference in San Francisco that the rumoured Conficker attack may have led to public distraction over legitimate cyber threats.

He told PC World magazine: “There are dozens of Conficker-like threats and vulnerabilities out there, while the media stories helped to raise awareness, I think that focusing people on that particular aspect, perhaps took away their attention from the overall threat, which is just as great or greater than Conficker itself.

“I don't want the public to think that there's this one threat and we didn't really see anything so we're safe.”