Worm.Win32.Randon

Discussion in 'malware problems & news' started by FanJ, Mar 4, 2003.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest

    Alert from Kaspersky:

    "Randon" Threatens Port 445!
    A new blended worm / trojan threat appears. Kaspersky Labs reports
    registered infections at the hands of the new network worm "Randon".
    Kaspersky Labs has already received several incident reports from both
    Russian and the Netherlands connected with this malicious program.

    "Randon" spreads via IRC channels and local area networks and infects
    computers running Windows 2000 and Windows XP. To penetrate computer
    systems the worm registers itself in the IRC server (or local area
    network), scans for all present users and connects to victim computers
    via port 445 and attempts to gain access by using a fixed list of the
    most commonly used passwords. When "Randon" manages to successfully
    break-in it proceeds to transmit to this system the Trojan program
    "Apher", which then, from a remote web site, loads worm's remaining
    components (a total of 13 files, including a full-fledged mIRC client
    for work with IRC channels).

    Read more:
    http://www.viruslist.com/eng/viruslist.html?id=59741
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.