The Conficker botnet has started to use its peer-to-peer communication system to update itself and download scareware (fake anti-virus programs) to millions of infected Windows machines. The latest Conficker mutant comes a week after a heavily-hyped April 1st activation date and provides the first sign of the motivation behind this malware threat financially motivated cybercrime. Mozilla Firefox is blocking access to the scareware sites located in Ukraine, Kaspersky Lab Alex Gostev said.
Source: https://threatpost.com/conficker-business-model-scareware-and-spam-040909/72511/