Botnet Herders Attack MS06-040 Worm Hole

The first wave of malicious attacks against the MS06-040 vulnerability is underway, using malware that hijacks unpatched Windows machines for use in IRC-controlled botnets.

The attacks, which started late Aug. 12, use a variant of a backdoor Trojan that installs itself on a system, modifies security settings, connects to a remote IRC (Internet Relay Chat) server and starts listening for commands from a remote hacker, according to early warnings from anti-virus vendors.

The MSRC (Microsoft Security Response Center) described the attack as "extremely targeted" and said it appears to be specifically targeting unpatched Windows 2000 machines.

"[This is] very much unlike what we have seen in the past with recent Internet-wide worms," said MSRC program manager Stephen Toulouse. "In fact, our initial investigation reveals this isn't a worm in the "auto-spreading" classic sense," he added.

View: eWeek Story

Report a problem with article
Previous Story

Ballmer: Microsoft must be "multicore" to survive

Next Story

802.11n Release Delayed

0 Comments

There are no comments

Commenting is disabled on this article.