New worm drops Trojan army
By Matt Whipp
Posted on 17 Mar 2003 at 10:46
Sophos has highlighted reports of a new worm - W32/Deborm-R - that installs three Trojan components onto infected systems.
W32/Deborm-R is a network worm that will attempt to spread itself across the local network - specifically, across shared systems named C or C$ that reside on the local IP subnet and that have no password.
The worm then attempts to copy itself to the start up folder on vulnerable systems and will install three Trojan components: Litmus-203, Sdbot-Fam and KillAV-Q.
The worm is already out in the wild - ie in the public domain - although it has infected few systems at the time of writing. It also uses MultiDropper-FL and Worm.Win32.Deborm.r aliases.
For more information, see the Sophos Web site.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
