VIRUS: Spybot-R targets file-sharers
By Matt Whipp
Posted on 14 Oct 2003 at 17:11
Sophos has warned of a worm that has been discovered infecting machines using peer-to-peer networks.
Spybot-R uses the KaZaA peer-to-peer file-sharing network to spread by masquerading as key-generating programs for popular games and software applications.
If a user downloads one of these files off the network, when run, it will display a fake error message and create a folder into which it places copies of itself, again using filenames such as Windows XP Professional Keygen by CaFo.exe.
It also makes a number of Registry edits to ensure that the files are shared and that the worm runs itself each time the computer is restarted.
Spybot-R also opens a back door to an infected machine through IRC channels, whereby an attacker could gain remote control of the computer. It also contains key-logging capabilities that could record your passwords and credit card details when typed.
Spybot-R has aliases Spybot.Worm and Worm.P2P.SpyBot.gen.
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
