Confickerの亜種WORM_DOWNAD.Eが感染を増やしているそうです、それもP2P型で繁殖中との事。

TrendLabs have this evening discovered a new variant of Downad/Conficker called WORM_DOWNAD.E spreading over the peer-to-peer functionality of the previous version of this now infamous worm.

Simply Security News, Views and Opinions from Trend Micro, Inc

1024〜10000番までのTCPポートを利用した通信との事。

We have so far noted that the worm uses ports 5114 and 3486 for propagation and communication, which makes the below graphs from SANS ISC potentially noteworthy.
UPDATE: It looks like the port numbers used by this new variatn are randomly generated between 1024 and 10000.

Simply Security News, Views and Opinions from Trend Micro, Inc

関連URL

• Trend Micro Discovers New Variant of Conficker: WORM_DOWNAD.E - Apr 08, 2009