 9/21: Sdbot-PK Worm Scans for Vulnerabilties |
 |
|
|
|
|
|
9/21: Sdbot-PK Worm Scans for Vulnerabilties
September 21, 2004
W32/Sdbot-PK is a member of the W32/Sdbot family of internet worms that spread by scanning for and exploiting known vulnerabilities and weakly protected accounts.
The worm connects to a remote IRC server and enables a malicious user to remotely control an infected machine.
W32/Sdbot-PK drops Troj/NtRootK-F as the file msdirectx.sys, which it employs to hide its process.
More information is at Sophos page.
|
|
|
|
|
Virus Alert: Worm Spreads Via Hidden System Shares
5/2: LegMir-DR a Password-Stealing Trojan
10/12: Forbot-AZ Worm Has Backdoor
1/31: Unfunner-A Worm Moves Via MSN Messenger
Corporate Data Leaks Spur Interest in Storage Security
8/2: MyDoom-P Sends Spoofed Emails
'Critical' Windows Hijack Flaw Reported
1/3: Sdbot-SW Worm Hits Remote Shares
4/13: Spybot-NLX Worm Has DDoS Abilities
3/29: Krynos-B Worm Drops Copy of Itself
Trolling For Anti-Phishing Laws
Computer security background information
 |
