WORM_IRCBOT.MAC |
|
| BugsAlert Home > WORM_IRCBOT.MAC | |
|
This worm may be downloaded unknowingly by a user when visiting malicious Web sites. It drops copies of itself. It registers itself as a system service to ensure its automatic execution at every system startup. It does this by creating registry keys/entries. It searches the network for certain shares, into which it attempts to drop copies of itself. It uses a list of user names and passwords to access password-protected shares. It connects to a certain Web site to send and receive information. It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes commands on the affected system. Original Source: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_IRCBOT.MAC Learn more about WORM_IRCBOT.MAC |
|
| Tags: worm ircbot.mac | |
Related Items |
|
|
CVE-2008-0983 (lighttpd)
|
|
|
MS08-008 ? Critical: Vulnerability in OLE Automation Could Allow Remote Code Execution (947890) - Version:1.1
|
|
|
CVE-2007-6198 (AquaLogic Interaction)
|
|
|
Bugtraq: Acidcat CMS Multiple Vulnerabilities
|
|
|
ChiCoMaS "q" Cross-Site Scripting Vulnerability
|
|
|
CVE-2008-5637 (parsblogger)
|
|
|
CVE-2008-3751 (Short Url and Url Tracker Script)
|
|
