 12/17: Forbot-DA Worm Targets Flaws |
 |
|
|
|
|
|
12/17: Forbot-DA Worm Targets Flaws
December 17, 2004
W32/Forbot-DA is a worm that attempts to spread to remote network shares and computers vulnerable to common exploits. W32/Forbot-DA also contains backdoor functionality, allowing unauthorized remote access to the infected computer via the IRC network, while running in the background as a service process.
W32/Forbot-DA connects to a preconfigured IRC channel and awaits commands from a remote intruder. These include commands to:
steal information
delete network shares
reduce system security
start a proxy server
participate in DDoS attacks
exploit vulnerabilities
steal registration keys for computer games
harvest email addresses from the Windows address book and Instant Messenger configuration files
More information can be found at Sophos page.
|
|
|
|
|
E-mail security and your legal liability
Programmers on Windows Code: Eyes Wide Shut
1/3: Sdbot-SW Worm Hits Remote Shares
Will Users of Word 97 'Bug' Out?
Meta Group Slams Wireless LAN Suppliers on Security
Microsoft Defends Security Approaches
2/17: Poebot-A Worm Has Backdoor Functions
Network-1 Offers Centralized Policy Control For Distributed Firewalls
New ID-Synch Access Management Software Ties to HR Systems
1/13: Wurmark-E Worm Arrives As Zip Attachment
10/27: Anpes Mass-Mailing Worm Uses Outlook
Buy Security Camera
 |
