Backdoor.Win32.IRCBot
   HOME

TheInfoList



Click Here for Items Related To - Backdoor.Win32.IRCBot
OR:
Backdoor.Win32.IRCBot on:   [Wikipedia]   [Google]   [Amazon]

Backdoor.Win32.IRCBot (also known as W32/Checkout (McAfee), W32.Mubla (Symantec), W32/IRCBot-WB (Sophos), and Backdoor.Win32.IRCBot.aaq (Bydoon Center)Microsoft Encyclopedia Entry: Backdoor:Win32/IRCbot
Retrieved February 24, 2011) is a
backdoor A back door is a door in the rear of a building. Back door may also refer to: Arts and media * Back Door (jazz trio), a British group * Porta dos Fundos (literally “Back Door” in Portuguese) Brazilian comedy YouTube channel. * Works so title ...
computer worm A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It wil ...
that is spread through MSN Messenger and Windows Live Messenger. Once installed on a PC, the worm copies itself into a Windows system folder, creates a new file displayed as "Windows Genuine Advantage Validation Notification" and becomes part of the computer's automatic
startup A startup or start-up is a company or project undertaken by an entrepreneur to seek, develop, and validate a scalable business model. While entrepreneurship refers to all new businesses, including self-employment and businesses that never intend t ...
.Seattle Times: Worm pretends it's Windows program
Retrieved February 24, 2011 In addition, it attempts to send itself to all MSN contacts by offering an attachment named 'photos.zip'. Executing this file will install the worm onto the local PC. The Win32.IRCBot worm provides a backdoor
server Server may refer to: Computing *Server (computing), a computer program or a device that provides functionality for other programs or devices, called clients Role * Waiting staff, those who work at a restaurant or a bar attending customers and su ...
and allows a remote intruder to gain access and control over the computer via an Internet Relay Chat channel. This allows for confidential information to be transmitted to a hacker. Because of a lack of standard naming conventions and also because of common features, variants of Win32.IRCBot can often be confused with the
Agobot Agobot, also frequently known as Gaobot, is a family of computer worms. Axel "Ago" Gembe, a German programmer also known for leaking Half-Life 2 a year before release, was responsible for writing the first version. The Agobot source code describes ...
and Spybot family of worms. For example,
Sophos Sophos Group plc is a British based security software and hardware company. Sophos develops products for communication endpoint, encryption, network security, email security, mobile security and unified threat management. Sophos is primarily ...
lists Backdoor.Win32.IRCBot.ul, W32/Poebot-JT worm, and Win32/IRCBot.TS as aliases of the W32/Gaobot.worm.gen.e worm, a member of the Agobot family.Sophos W32/Poebot-JT Win32 Worm
/ref>


See also

* Internet Relay Chat *
Comparison of Internet Relay Chat bots 409px, An IRC bot performing a simple task.An IRC bot is a set of scripts or an independent program that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user. An IRC bot differs from a regular client in t ...
*
Malware Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
* Botnet * Trojan horse (computing)


References

Computer worms {{malware-stub