|
A new blended worm / trojan threat appears. Kaspersky Labs, an international data security software developer, reports registered infections at the hands of the new network worm "Randon". Kaspersky Labs has already received several incident reports from both Russian and the Netherlands connected with this malicious program.
"Randon" spreads via IRC channels and local area networks and infects computers running Windows 2000 and Windows XP. To penetrate computer systems the worm registers itself in the IRC server (or local area network), scans for all present users and connects to victim computers via port 445 and attempts to gain access by using a fixed list of the most commonly used passwords. When "Randon" manages to successfully break-in it proceeds to transmit to this system the Trojan program "Apher", which then, from a remote web site, loads worm's remaining components (a total of 13 files, including a full-fledged mIRC client for work with IRC channels).
|
Linear Mode
