Printed from www.pcpro.co.uk
VIRUS: Spybot-R targets file-sharers
Posted on 14 Oct 2003 at 17:11
Sophos has warned of a worm that has been discovered infecting machines using peer-to-peer networks.
Spybot-R uses the KaZaA peer-to-peer file-sharing network to spread by masquerading as key-generating programs for popular games and software applications.
If a user downloads one of these files off the network, when run, it will display a fake error message and create a folder into which it places copies of itself, again using filenames such as Windows XP Professional Keygen by CaFo.exe.
It also makes a number of Registry edits to ensure that the files are shared and that the worm runs itself each time the computer is restarted.
Spybot-R also opens a back door to an infected machine through IRC channels, whereby an attacker could gain remote control of the computer. It also contains key-logging capabilities that could record your passwords and credit card details when typed.
Spybot-R has aliases Spybot.Worm and Worm.P2P.SpyBot.gen.
Author: Matt Whipp
advertisement
- Motorola pays Lucas for its Droid
- Where are the killer apps for Windows?
- Will you hit the Orange iPhone "unlimited" cap?
- USB 3 first benchmark - it's here, and it's fast
- Why Windows 7 has forced me to worry about security
- How Dixons is (under)selling Windows 7
- Do I like Windows 7 because it's so like a Mac?
- No Windows 7 drivers turn Dell M1330 into a doorstop
- Is Windows 7 good looking enough to sway an Apple fan?
- Typekit brings print-like typography to the web
- Avira Premium Security Suite 9
- ZoneAlarm Internet Security Suite
- Webroot Internet Security Essentials
- Trend Micro Internet Security
- PC Tools Internet Security 2009
- Panda Internet Security 2009
- Norton Internet Security 2009
- Kaspersky Internet Security 2009
- F-Secure Internet Security 2009
- Eset Smart Security
- BitDefender Total Security 2009
advertisement
