The Web    Google
3/7: Forbot-EP Worm Targets Remote Shares

3/7: Forbot-EP Worm Targets Remote Shares
March 7, 2005

W32/Forbot-EP is a worm that attempts to spread to remote network shares and computers vulnerable to common exploits. W32/Forbot-EP also contains backdoor Trojan functionality, allowing unauthorized remote access to the infected computer via the IRC network, while running in the background as a service process.

W32/Forbot-EP connects to a preconfigured IRC channel and awaits commands from a remote intruder. These include commands to steal information, delete network shares, reduce system security, start a proxy server, participate in DDoS attacks, exploit vulnerabilities, steal registration keys for computer games and harvest email addresses from the Windows address book and Instant Messenger configuration files.

More information can be found at Sophos page.

  • 802.11 Has DoS Vulnerability
  • Check Point Appliances Target Small Businesses
  • 1/27: Worm_Bropia-D Drops Other Malware
  • 9/22: Rbot-KJ Worm Has Backdoor
  • DOJ Scores First Criminal P2P Convictions
  • Should You Hack Your Own Network?
  • How Spyware Took the Next-Gen Threat Crown
  • 9/15: Forbot-C Spreads to Remote Shares
  • Bagle-AA Moves Maliciously into 3rd Place
  • Government Against Full Disclosure of Vulnerabilities
  • 4/12: Mytob-AR Yet Another Variant
  • Security Camera Articles