has ayone heard of this new nasty? and are the def in the works for it?

Discussion in 'NOD32 version 1 Forum' started by testg, May 1, 2003.

Thread Status:
Not open for further replies.
  1. testg

    testg Guest


    Discovered on: April 30, 2003

    Matrix.morpheuz.D uses a random TCP port to connect to the IRC server of the hacker's choice. Major targets are backbone servers, with the objective of spreading through all ISPs below the backbone. Infection comes through any connection to an infected server. This virus has various forms, some of which allow the hacker to take control of system services and others capable of destroying or corrupting data.
    The virus utilizes a new technology called Variable Automated Coding, or VAC for short. The newly infected client machine randomly changes the virus' coding with each succesive infection. The unique virus is then sent to another machine, and so on and so forth. With this random style of creation, the virus may be completely harmless, but if the same machine tries to connect to an infected computer again, it might get a more potent, potentially unrecoverable strand.

    Type: Polymorphic / Stealth Armored Worm Virus
    Infection Length: 31,232 bytes
    Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me,
    Systems Not Affected: Macintosh, OS/2, UNIX, Linux
  2. testg

    testg Guest

    After reading it again I realized it's a bullshit virus.

    Forget I even asked, from the tech lingo it looks like a bullshitt scare tactic.

    I should slap myself now. <SLAP>
  3. jan

    jan Former Eset Moderator

    Oct 25, 2002
    Hi testg,

    NOD32 detects it as Win32/Kaitex.D backdoor.

    Thanks, :)

  4. testg

    testg Guest

    So it is real? Hmm interesting, well I must say one up for ingenuity of it's writters. Too bad I've didn't come across a sample.
    I guess I deserve another slap on the cheek <slap>. Now both of my cheeks are red, if this continues I will have to move to buttocks. :D

    Thanks for response and protection.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.