'Playboy' Virus Dropping Dangerous Backdoor

KingFishKingFish
edited December 2004 in Science & Tech
Anti-virus vendors have raised the alarm for a new mass-mailing worm with a dangerous backdoor component.
The worm, called W32.Maslan.C@mm, arrives as an attachment promising naked photos of Playboy models but, if executed, drops an IRC (Inter Relay Chat) bot capable of transmitting passwords and sensitive information back to the virus writer.

According to an alert from McAfee, the backdoor is powerful enough to terminate the processes of various anti-virus security applications.

The worm also spreads itself via poorly secured network shares and weak passwords and takes advantage of two known exploits—LSASS and RPC-DCOM—affecting Microsoft Windows users. Patches for both exploits have been available for some time, but unpatched machines are vulnerable to worm infection.

According to Sophos, Maslan-C copies itself to the Windows system folder and creates a number of other files on the computer which make up the components of the worm.
Source: eWeek
Sign In or Register to comment.