A new worm called Zotob is spreading around the Net, exploiting a well known loophole in Windows' plug-and-play interface. Users of Windows 2000 who have not yet patched are especially vulnerable. Zotob spreads via packets sent to TCP Port 445, and then makes contact via FTP to the computer it came from, initiating the download of further malicious code. It also opens an IRC channel, and can be controlled remotely from there. As noted, there is patch protection against infection, so really it is mainly unpatched Windows 2000 users that are mainly at risk.
A worm called Zotob
By Derek Sooman
Serving tech enthusiasts for over 25 years.
TechSpot means tech analysis and advice you can trust.
TechSpot means tech analysis and advice you can trust.
0 comments
0 likes and shares