W32.Changeup – A Worm By Any Other Name

Whether a Montague or a Capulet, it never mattered to Juliet, as she made the case in Shakespeare's “Romeo and Juliet” when she says one of her most famous lines, “What’s in a name? That which we call a rose by any other name would smell as sweet.”

Earlier this week, we wrote about the increase in detections of a threat named W32.Changeup. Other vendors have written about it as well. However, each security vendor’s naming conventions are different. For Symantec, we named the threat W32.Changeup when we first discovered it.

Sampling of vendor detection names for W32.Changeup:

  • Microsoft: Worm:Win32/Vobfus.MD
  • McAfee: W32/Autorun.worm.aaeh
  • Trend Micro: WORM_VOBFUS
  • Sophos: W32/VBNA-X
  • Kaspersky: Worm.Win32.VBNA.b
  • ESET-NOD32: Win32/VBObfus.GH

While our naming conventions may be different, a worm by any other name is still a worm. And this worm in particular has not let up. Our recent data indicates W32.Changeup continues to have an impact.

Over a six day span, Security Response has observed a large increase in the number of detections for W32.Changeup.

We continue to update and add detections for this threat as we encounter new variants. Customers are advised to make sure their virus and intrusion prevention definitions are up to date.


Intrusion Prevention System

Since this worm spreads by leveraging the AutoRun feature in Windows, we also recommend that customers take proactive measures to prevent this feature from being abused.

The Open Group Conference in Newport Beach

The next Open Group Conference will be held in Newport Beach California taking place January 28 through 31st. Looks to be a lot of great speakers. The conference theme is “Big Data – The Transformation We Need to Embrace Today” and will bring together leading minds in technology to discuss the challenges and solutions facing Enterprise Architecture around the growth of Big Data.

I will also be attending and speaking at the event. For all that would like to meet up over the networking event or for lunch I would love to catch up!

If you are interested in going, act quickly. The Open Group  early bird discount expires on January 4th. 

Register Here


For more infomration see the details below: 

In addition to tutorial sessions on TOGAF® and ArchiMate®, the conference offers roughly 60 sessions on a varied of topics including:

  • The ways that Cloud Computing is transforming the possibilities for collecting, storing, and processing big data.
  • How to contend with Big Data in your Enterprise?
  • How does Big Data enable your Business Architecture?
  • What does the Big Data revolution mean for the Enterprise Architect?
  • Real-time analysis of Big Data in the Cloud.
  • Security challenges in the world of outsourced data.
  • What is an architectural view of Security for the Cloud?

Plenary speakers include:

  • Christian Verstraete, Chief Technologist – Cloud Strategy, HP
  • Mary Ann Mezzapelle, Strategist – Security Services, HP
  • Michael Cavaretta, Ph.D, Technical Leader, Predictive Analytics / Data Mining Research and Advanced Engineering, Ford Motor Company
  • Adrian Lane, Analyst and Chief Technical Officer, Securosis
  • David Potter, Chief Technical Officer, Promise Innovation Oy
  • Ron Schuldt, Senior Partner, UDEF-IT, LLC