For the last four days we got 11 different samples of malware using
this vulnerability. Currently there are three Zotob variants (.A, .B
and .C), one Rbot (.ADB), one Sdbot (.YN), one CodBot, three IRCbots
(.ES, .ET and .EX) and two variants of Bozori (.A, .B).
Variants from both IRCBot and Bozori families are deleting competing PnP bots.
It seems there are two groups that are fighting: IRCBot and Bozori vs Zotobs and the other Bots.
See our high-tech illustration for details.
From F-Secure's Blog. Its been about 2-3 years since we've had a good virus war. Would it be so difficult just to patch your systems?
UPDATE: Brian Krebs has picked up this story on Security Fix.