Symantec issues signature for new worm variant

Worm propogates via e-mail, seeks to set up botnets

Tim Greene (Network World)
02 March, 2007 11:56
Comments

Security experts are urging users of Symantec antivirus software to update it to combat a new variant of the worm known as either Rinbot or Delbot, depending on what naming convention is used.

The worm exploits a vulnerability in Symantec software and seeks to set up botnets from which denial-of-service attacks can be launched. It propagates by creating e-mails with the worm program attached or by attaching the program to outgoing e-mail, says Ron O'Brien, a senior security analyst at Sophos .

Symantec has the worm listed as one of two latest threats today, and has issued a Daily LiveUpdate that protects against what the company calls W32.Rinbot.L. Sophos calls the worm W32/Delbot-L.

The worm takes advantage of weak passwords to install on machines including Microsoft SQL servers using Windows network APIs, such as the Messaging API, says O'Brien. The worm creates registry changes in machines it infects that must be removed. Symantec classifies removal as easy.

The worm was detected at work against servers in CNN's network Wednesday, according to O'Brien.

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email Computerworld
Follow Computerworld on twitter

More about: CNN, Microsoft, Sophos, Symantec

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Look both ways - Protecting your data with content inspection

Today’s threat environment is as dynamic as the business world in which we operate. As the communications channels we use continue to proliferate and evolve, so too have the vulnerabilities. Finding the right balance between ensuring the security of sensitive data, enabling the free flow of information and making full use of the latest web-based technologies can be a challenge. Deep content inspection is a vital layer in any unified information security strategy, helping organisations to take control over their information assets while proactively protecting against malware and data leakage. Read on.

Featured Download

ClamWin Free Antivirus

ClamWin Free Antivirus is an open source GPL virus scanner for Microsoft Windows 7 / Vista / XP / Me / 2000 / 98 and ...

Zones

Most Popular Whitepapers

Process-Driven Master Data Management for Dummies

We wrote this book to introduce you to the subject of processdriven MDM. It’s a big topic, one that far outstrips the ability of a brief book to cover. However, our hope is that by reading this book you will gain a fundamental understanding of processdriven MDM, how it works, and what it takes to make it a success in your organisation.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management

Latest Jobs

CCSAP FICO ConsultantNT
FTChange Management ProfessionalsNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
CCSystem Engineer - Lync and Exchange - CONTRACTSWA
FTQM Trainer and ConsultantNSW
CCOBIEE ConsultantWA
FTSenior Citrix EngineerNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
CCSAP PM ConsultantNSW
CCSystem Engineer - Exchange - CONTRACTSWA
FTProduct Manager Strategist - Enterprise ApplicationsNSW
FTSenior Citrix EngineerNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTSAP Basis ConsultantACT
FTTechnical Services Engineer - ShoreTel/MitelVIC
CCAvaya Engineer - ERS 8600 4.1NSW
FTSenior Network Engineer - Cisco / Nexus / UCS / - Routing / Switching / WirelessNSW
FTSAP Basis ConsultantNSW
FTiPhone App DeveloperNSW
CCPC Relocation Technicians - Multiple Roles availableSA
FTiPhone Developer DeveloperNSW
FTIT Service Desk EngineerNSW
FTIT Service Desk EngineerNSW
FTiPhone App DeveloperNSW
FTiPhone App DeveloperNSW

Market Place

Symantec issues signature for new worm variant

Comments

Post new comment

Mining boom to continue Australian economic growth: OECD

Coalition NBN better or worse?

A comparison of Telstra's 4G phones

Which tablet should I buy? iPad 2 vs Sony Tablet S

Bredolab botnet author sentenced to 4 years in prison in Armenia

NBN ISS could pose capacity constraints

NBN service plans won't cost consumers more: Conroy

Microsoft at a loss over Event Viewer scam

Stallman: If you want freedom don't follow Linus Torvalds

Coalition NBN better or worse?

Conroy turns the attack to Hockey

Look both ways - Protecting your data with content inspection

The Need for DLP (data leak prevention) now

Best Practices for Secure Enterprise Content Mobility

Risk management: ensuring the security of your hosted information

ClamWin Free Antivirus

Avaya Air Cover Zone

Application Lifecycle Management

HP Converged Storage Zone

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Process-Driven Master Data Management for Dummies

Business Intelligence Best Practices for Dashboard Design

Learning To Compete: IT’s Next Transformation

Seven Steps to Effective Data Governance

Guidance for Calculation of Efficiency (PUE) in Data Centers

Computerworld newsletter

Don't have an account?

Symantec issues signature for new worm variant

Comments

Post new comment

Computerworld newsletter