Jump to content
Posted 24 February 2007 - 01:31 PM
Posted 24 February 2007 - 01:48 PM
Posted 24 February 2007 - 02:01 PM
Also known as Win32/Malum.BHV, Win32.Malum.BHV, Backdoor.MS03-026 Exploit.Trojan (InoculateIT), Backdoor.MS03-026_Exploit!Trojan (InoculateIT), Win32/Rbot.SP (Eset), W32/Spybot.WE (F-Secure), Backdoor.Win32.Rbot.aeu (Kaspersky)
Win32.Rbot.DUA is an IRC controlled backdoor (or "bot") that can be used to gain unauthorized access to a victim's machine. It can also exhibit worm-like functionality by exploiting weak passwords on administrative shares and by exploiting many different software vulnerabilities, as well as backdoors created by other malware. There are many variants of Rbot, and more are discovered regularly. Rbot is highly configurable, and is being very actively developed, however the core functionality is quite consistent between variants.
0 members, 0 guests, 0 anonymous users