Security firms are warning of a new series of Sdbot worms that install a "sniffer" component to steal passwords from unsuspecting users
Published:
15 September 2004 y., Wednesday
According to Symantec and Trend Micro, the newest Sdbot variants--Symantec actually calls them "Spybot"--exploit several vulnerabilities in Windows, including the RPC DCOM flaw that was used by last summer's MSBlast and the LSASS vulnerability exploited by 2004's Sasser.
Like both Sasser and MSBlast, Sdbot doesn't require user intervention to spread, but propagates across networks by finding unpatched systems.
When Sdbot locates a vulnerable PC, it adds backdoor components that let the attacker control the machine. The worms also creates a bot that uses NetBEUI (NetBios Extended User Interface) to capture passwords for such software as the instant messaging clients from Yahoo, AOL and Microsoft.
More important, however, is the addition of a network "sniffer" that monitors traffic on the local area network, specifically for log-on usernames and passwords. "If [Sdbot] can successfully transmit the filters packet captures back to the owner they are going to cause problems well beyond typical bot infestation," said Patrick Nolan, a researcher with the Internet Storm Center, in online advisory.
The Sdbots can also install more generalized keyboard loggers and steal keys from a number of popular games, including Unreal Tournament 2004, Battlefield 1942 and NASCAR Racing 2003.
Šaltinis:
TechWeb
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
The owners of domain names who have not paid their registration fee could find their corner of the internet sold off to the highest bidder.
more »
President Clinton cemented a key building block of Internet commerce Friday, signing legislation that makes contracts signed by computer equal to those sealed in pen and ink.
more »
Canada has become a laboratory for the automobile industry's experiment with selling cars to consumers over the Internet.
more »
On the 23 of June, appearing in Moscow at a seminar of an Intel on electronic commerce, the president and the main executive director of this corporation Dr. K.Barrett has outlined the strategy on global distribution of electronic business.
more »
Microsoft has continued to strengthen its grasp on the global browser market, according to new statistics from WebSideStory’s Statmarket.
more »
Clicking on to the Malaysian Government's new Web site is more like opening the pages of a dusty official manual than entering the cyberspace world of eye-catching images and instant information.
more »
Europe's antitrust chief said Monday he will reject the $115 billion WorldCom-Sprint megamerger unless the companies come up with another plan to ease concern over its combined Internet dominance.
more »
search.lt presents newest links
more »
In his "first-ever" national Webcast, President Clinton today intends to unveil a series of e-government initiatives that the administration contends will make the federal government far more Internet-accessible.
more »
A study of 170 online retail sites finds that on a whole, customer service is not great and the overall level of security and privacy protection is negligable.
more »