IRC bot latches onto Plug-and-Play vuln | The Register

Skip to content

Security:

News Tools

Reg Shops

Top Stories

Read more top stories

Related Whitepapers

Making Green IT a Reality
Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers
SSL in High-Security Browsers
The Browser Security Revolution
The Perfect (Virtual) Marriage
Deduplication and VMware
What Every E-Business Should Know about SSL Security and Consumer Trust
A Verisign Business Guide
Solution Brief: Reduce Energy Costs
With Green IT Solutions
How IT Management Can "Green" the Data Center
A Gartner Report

The Register » Security » Anti-Virus »

IRC bot latches onto Plug-and-Play vuln

Second route to 'root'

By John Leyden → More by this author

Published Tuesday 16th August 2005 10:59 GMT

How IT Management Can "Green" the Data Center - Free Download

The Microsoft Plug-and-Play vulnerability exploited by the ZoTob worm has been harnessed to create an IRC bot. IRCBot-ES uses the vulnerability to spread instead of more common vectors such as Windows RPC security vulns.

The attack provides evidence that virus writers are swarming around the vulnerability - which was only disclosed last week - thinking up new ways to attack vulnerable systems. Early indications are that IRCBot-ES may be more potent that ZoTob because it's easily capable of spreading around internal networks once an infected machine is plugged into a Lan. Anti-virus firm F-secure reports that one organisation has suffered widespread infection from IRCBot-ES via this mechanism. Meanwhile a further variant of ZoTob has been discovered.

The clear interest from malware authors in the vulnerability underlines the need for Windows users to get patched up sooner rather than later. ®

Fixed to Fluid: Enabling Data Center Metamorphosis - Free download

Track this type of story as a custom Atom/RSS feed or by email.

Related stories

Bot spreads through anti-virus, Windows flaws (29 November 2006)
How a virus crashed Homeland Security (3 November 2006)
Zotob perp jailed (13 September 2006)
Virus writers craft PnP botnet client (24 October 2005)
MyTob and NetSky-P dominate August viral charts (1 September 2005)
Zotob arrests throws open trade in compromised PCs (30 August 2005)
Zotob suspects arrested in Turkey and Morocco (30 August 2005)
Worm War II (18 August 2005)
Plug and Play pandemonium (17 August 2005)
Flaw on Tuesday, worm by Sunday (15 August 2005)
Six patches - three critical - in MS August patch batch (10 August 2005)
Zombie bots fuel spyware boom (11 July 2005)
VXers go phishing with latest MyTob worms (8 June 2005)
Window of exposure lets viruses run rampant (2 June 2005)

Post to Slashdot

Add to del.icio.us

Previous Article

From small embedded OS to the world's most used open mobile OS

whitepaper title

Making Green IT a Reality

Customer Perspectives on the Impact of Storage Vendor Decisions on Power, Cooling, & Space in Enterprise Data Centers.

whitepaper title

The Perfect (Virtual) Marriage

Get consistent virtual machine storage savings of 50% (often as high as 90%) with virtually no performance impact with NetApp deduplication..

Whitepapers
CRM Without Compromise Enterprise Strategies Supply Chain Design & Analytics Driving Profitability with Project Resource Management from SAP

How IT Management Can "Green" the Data Center

A Gartner Report

Download for free NOW

Top 20 stories • All The Week’s Headlines • Archive • Search