A worm called Zotob

By Derek Sooman on August 15, 2005, 8:07 PM
A new worm called Zotob is spreading around the Net, exploiting a well known loophole in Windows' plug-and-play interface. Users of Windows 2000 who have not yet patched are especially vulnerable. Zotob spreads via packets sent to TCP Port 445, and then makes contact via FTP to the computer it came from, initiating the download of further malicious code. It also opens an IRC channel, and can be controlled remotely from there. As noted, there is patch protection against infection, so really it is mainly unpatched Windows 2000 users that are mainly at risk.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.