Conficker sparks into life

The Conficker worm has come to life after several days of inactivity, security experts have said.

It is downloading a mysterious data package that could contain instructions for a widespread attack on the web by Conficker, also known as Downadup.

Trend Micro spotted the data package after setting up a 'honeypot' - a PC that has a variant of the worm installed but is closely monitored by its researchers.

"Last night we saw a new file in the Windows Temp folder. Checking on the file properties reveals that the file was created exactly on 7 April, 2009 at 07:41:21," said Trend Micro's Ivan Macalintal.

Though it isn't clear what exactly the data package does, as it is encrypted, the company said it was able to work out a few things about it.

"It also does not leave a trace of itself in the host machine. It runs and deletes all traces, no files, no registries," Macalintal said.

There is also a theory developing that it could be related to the Waledac botnet.