The Web    Google
1/7: Sdbot-TB Worm Lets Hackers In Via IRC

1/7: Sdbot-TB Worm Lets Hackers In Via IRC
January 7, 2005

W32/Sdbot-TB is a Windows network worm that contains backdoor functions that allow unauthorized remote access to the infected computer via IRC channels. Once installed, W32/Sdbot-TB is able to setup an HTTP proxy server, participate in denial-of-service (DoS) attacks, steal computer information and log keystrokes to the file keys.txt in the Windows System folder when instructed to do so by a remote attacker.

The worm also tries to spread using DCC file transfers over IRC channels.

More information can be found at Sophos page.

  • 1/18: Zar Worm Sends Tsunami Email
  • Netsky-D Ranked as High Risk
  • 12/8: Rbot-RJ Worm Spreads to Shares
  • 4/12: Mytob-AS Worm Uses SMTP Engine
  • 4/25: Kedebe Worm Kills Security
  • 12/28: W97M.Dinela a Macro Virus
  • 9/9: BackDoor-CEB.C Remote Access Trojan
  • Bagle-AA Moves Maliciously into 3rd Place
  • 3/24: Rbot-DP an IRC Backdoor Trojan
  • Disaster Recovery Vs. Business Continuity
  • Exploring Windows 2003 Security: IP Security
  • Security Camera Price