The Web    Google
9/22: Rbot-KJ Worm Has Backdoor

9/22: Rbot-KJ Worm Has Backdoor
September 22, 2004

W32/Rbot-KJ is a network worm with IRC backdoor functionality. It attempts to spread by exploiting the Universal PNP (MS01-059), WebDav (MS03-007), RPC DCOM (MS03-026, MS04-012), LSASS (MS04-011), DameWare (CAN-2003-1030) or IIS5 SSL (CAN-2003-0719) vulnerabilities.

W32/Rbot-KJ allows a remote attacker to control the infected machine via IRC channels.

More information is at Sophos page.

  • Exploit for Windows SSL Flaw Circulating
  • 7/28: Downloader-NE.dr a New Trojan
  • Blaming Users for Virus Chaos?
  • 11/23: Backdoor.Sdbot.AH a Network-Aware Worm
  • 'Significant' Security Flaws Uncovered in Many Web Applications
  • 7/12 Atak.A Worm Low Threat but High Traffic
  • Feds Hit Alleged Spammers in Sting
  • AntiOnline Security Spotlight: Firewalls and Honeypots
  • Christmas Comes Early for Spammers
  • Spyware Sneaking into the Enterprise
  • SunGard to Spin Off Disaster Recovery Biz
  • Security Camera Industry Information