The Web    Google
9/22: Rbot-KJ Worm Has Backdoor

9/22: Rbot-KJ Worm Has Backdoor
September 22, 2004

W32/Rbot-KJ is a network worm with IRC backdoor functionality. It attempts to spread by exploiting the Universal PNP (MS01-059), WebDav (MS03-007), RPC DCOM (MS03-026, MS04-012), LSASS (MS04-011), DameWare (CAN-2003-1030) or IIS5 SSL (CAN-2003-0719) vulnerabilities.

W32/Rbot-KJ allows a remote attacker to control the infected machine via IRC channels.

More information is at Sophos page.

  • Robbing the (Data) Bank
  • 2/25: Kelvir-A an Instant Messaging Worm
  • House Panel OKs Anti-Spyware Bill
  • 1/3: Sdbot-SW Worm Hits Remote Shares
  • Sigaba Adds Federated Authentication to E-Mail Security Software
  • House Passes Federal Anti-Spam Bill
  • 2/3: Trojan.Comxt-B Downloads Remote Files
  • In 2005, Organized Crime Will Back Phishers
  • 3/4: Rbot-WV Worm Uses Bad Passwords
  • Making Outlook Less Insecure
  • 2/25: Looked-C Worm Downloads File
  • Security Camera Related Information