The Web    Google
3/7: Forbot-EP Worm Targets Remote Shares

3/7: Forbot-EP Worm Targets Remote Shares
March 7, 2005

W32/Forbot-EP is a worm that attempts to spread to remote network shares and computers vulnerable to common exploits. W32/Forbot-EP also contains backdoor Trojan functionality, allowing unauthorized remote access to the infected computer via the IRC network, while running in the background as a service process.

W32/Forbot-EP connects to a preconfigured IRC channel and awaits commands from a remote intruder. These include commands to steal information, delete network shares, reduce system security, start a proxy server, participate in DDoS attacks, exploit vulnerabilities, steal registration keys for computer games and harvest email addresses from the Windows address book and Instant Messenger configuration files.

More information can be found at Sophos page.

  • AntiOnline Spotlight: Network Security Made Easy?
  • 5/19: Webloin Trojan Downloads DLL File
  • The Worm That Won't Go Away
  • Application Insecurity --- Who is at Fault?
  • Sony Bundles Backup and Disaster Recovery Solutions
  • Security Objections to IBM-Lenovo Deal?
  • 3/25: Clunk-A a Password-Stealing Worm
  • Shaving Time From The Virus Race
  • 12/13: Janx Worm Exploits Windows Flaw
  • Protect Your Passwords -- Part 1
  • 7/1: PWSteal.Refest Steals Banking Info
  • Security Camera Articles