Security firms are warning of a new series of Sdbot worms that install a "sniffer" component to steal passwords from unsuspecting users
Published:
15 September 2004 y., Wednesday
According to Symantec and Trend Micro, the newest Sdbot variants--Symantec actually calls them "Spybot"--exploit several vulnerabilities in Windows, including the RPC DCOM flaw that was used by last summer's MSBlast and the LSASS vulnerability exploited by 2004's Sasser.
Like both Sasser and MSBlast, Sdbot doesn't require user intervention to spread, but propagates across networks by finding unpatched systems.
When Sdbot locates a vulnerable PC, it adds backdoor components that let the attacker control the machine. The worms also creates a bot that uses NetBEUI (NetBios Extended User Interface) to capture passwords for such software as the instant messaging clients from Yahoo, AOL and Microsoft.
More important, however, is the addition of a network "sniffer" that monitors traffic on the local area network, specifically for log-on usernames and passwords. "If [Sdbot] can successfully transmit the filters packet captures back to the owner they are going to cause problems well beyond typical bot infestation," said Patrick Nolan, a researcher with the Internet Storm Center, in online advisory.
The Sdbots can also install more generalized keyboard loggers and steal keys from a number of popular games, including Unreal Tournament 2004, Battlefield 1942 and NASCAR Racing 2003.
Šaltinis:
TechWeb
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
search.lt presents newest links
more »
Croatia is among the European leaders in the implementation of mobile payments, according to a recent global study of the sector by Arthur D Little, the world’s first management consulting firm
more »
It is now possible to search Russia for offers or bids to sell or buy businesses via the Internet, by means of a special search engine called "Investor Searcher"
more »
Linux creator Linus Torvalds had a few things to say this week about the way potential security issues are disclosed to fellow open sourcers
more »
NUMBER OF INTERNET USERS REACHES 675,000, MOBILE USERS 544,100
more »
British Airways has launched a new Internet site, making it easier and quicker for customers to find what they need at the click of a button
more »
The Internet has been around for much longer than most people think, with its roots able to be traced back to the 1960s. Clear goals have driven some, whilst others have become household names almost by accident. Find fascinating facts on a phenomenon that has changed communication to an extent which was previously totally unimaginable.
more »
Hewlett-Packard and Intel designed the Itanium chip together, but HP is handing the project over
more »
Internet Will be Provided to 300 Remote Villages of Lithuania
more »
The European Commission is to warn eight European Union member states to bring their regulatory regimes for electronic communications into line with common standards or face legal action in the Court of Justice
more »