Printed from www.pcpro.co.uk
VIRUS: Spybot-R targets file-sharers
Posted on 14 Oct 2003 at 17:11
Sophos has warned of a worm that has been discovered infecting machines using peer-to-peer networks.
Spybot-R uses the KaZaA peer-to-peer file-sharing network to spread by masquerading as key-generating programs for popular games and software applications.
If a user downloads one of these files off the network, when run, it will display a fake error message and create a folder into which it places copies of itself, again using filenames such as Windows XP Professional Keygen by CaFo.exe.
It also makes a number of Registry edits to ensure that the files are shared and that the worm runs itself each time the computer is restarted.
Spybot-R also opens a back door to an infected machine through IRC channels, whereby an attacker could gain remote control of the computer. It also contains key-logging capabilities that could record your passwords and credit card details when typed.
Spybot-R has aliases Spybot.Worm and Worm.P2P.SpyBot.gen.
Author: Matt Whipp
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Avira Premium Security Suite 9
- ZoneAlarm Internet Security Suite
- Webroot Internet Security Essentials
- Trend Micro Internet Security
- PC Tools Internet Security 2009
- Panda Internet Security 2009
- Norton Internet Security 2009
- Kaspersky Internet Security 2009
- F-Secure Internet Security 2009
- Eset Smart Security
- BitDefender Total Security 2009
advertisement
