Even though, apparently, this virus has been "wild" for a year now, it appears that the recent study of it’s activities is getting a lot of attention. I’ll summarise what makes this virus different from others before it. The full article can be found at the end of this post:
For one reason, the virus is covert and only goes about it’s business when it’s pretty sure it won’t be detected. So it doesn’t gobble up all of your system resources, or all of your bandwidth – it just uses what it can get away with.
For another, it’s job isn’t defined explicitly. Different copies can do different things (Schneier likened it to an "ant colony.") I guess by the same token, if a copy of the virus which was working to spread itself is detected and immunised, another virus on a different PC will pick up the task and switch duties.
Then there’s the infection method. Using clever language in email bodies that is convincing and doesn’t read like it’s been written by a 4 year old means they use clever social engineering and psychological tricks to get people to click the link.
Finally there are the methods to avoid the closing down of the bot-net that this virus has created. The virus uses clever DNS and P2P techniques to make sure it’s always one step ahead.
Read the full article to find out more and why people are getting a little itchy about the potential threat in the future with this virus. [SHOW ME]