Symantec warns a third variant of the Conficker virus is on the loose. It’s the nastiest strain yet, by dint of a new ability to disable security software, and block attempts to track where it phones home on the web.

In a tactical switch, Conficker's authors are sending the new strain to already-infected PCs, helping the worm burrow deeper and become more resistant to attempts to dig it out.

In a security update, Symantec’s Peter Coogan writes that the worm’s focus on holding-off antivius software is part of a new strategy overall:

Conficker has wriggled into millions of PCs, leaving them open to receive a nasty parcel of malware from its author. But the worm – shaping up to be the biggest virus attack the world has ever seen - has yet to deliver its payload to a single infected computer. Antivirus experts tell NBR they’re waiting for the other boot to drop.

Security vendors are issuing warnings about a virulent new worm, which took down Ministry of Health systems for 15 days.

Conficker – also known as Downadup or Kido – is a uniquely pestilent species of worm, infecting PCs via the internet or “manually” via USB thumb drives. Once it has infected a computer, Conficker “phones home” to a malicious server, which delivers a payload of malware (which could be any malware, such as a programme that sniffs out personal details).