VIRUS: Spybot-R targets file-sharers
By Matt Whipp
Posted on 14 Oct 2003 at 17:11
Sophos has warned of a worm that has been discovered infecting machines using peer-to-peer networks.
Spybot-R uses the KaZaA peer-to-peer file-sharing network to spread by masquerading as key-generating programs for popular games and software applications.
If a user downloads one of these files off the network, when run, it will display a fake error message and create a folder into which it places copies of itself, again using filenames such as Windows XP Professional Keygen by CaFo.exe.
It also makes a number of Registry edits to ensure that the files are shared and that the worm runs itself each time the computer is restarted.
Spybot-R also opens a back door to an infected machine through IRC channels, whereby an attacker could gain remote control of the computer. It also contains key-logging capabilities that could record your passwords and credit card details when typed.
Spybot-R has aliases Spybot.Worm and Worm.P2P.SpyBot.gen.
From around the web
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
- Can you send a truly anonymous email?
- Is it safe to send bank details over email?
- Sainsbury's Bank bans password storage
- MobileMe triggers credit card blocks
- How to stay safe against session hijacking
advertisement
Printed from www.pcpro.co.uk