If this page does not print out automatically, select Print from the File menu.

MyDoom variant opens backdoor IRC channel

Hackers able to take complete control of affected PCs

Iain Thomson, vnunet.com 10 May 2005

Security experts have warned of a newly intercepted worm spreading throughout Europe which allows hackers to take remote control of infected PCs.

MyDoom.BQ, also known as Mytob.ED, arrives as an attachment in an email claiming that the user's email system has been "locked" for security reasons.

Once the attachment is opened the worm harvests email addresses to send itself on, and installs a backdoor channel to IRC that allows remote control of the PC.

"The IRC 'bot' program allows a remote user to perform malicious commands, such as downloading or executing files, on an affected machine through IRC backdoors," said a spokeswoman for Trend Micro, which rates the worm a 'medium' threat.

"Gaining remote access to an affected system directly compromises system security and leaves victims at risk of further malicious attacks."

The worm also redirects attempts to log-on to antivirus websites, making it difficult to download fresh virus signature files. To defeat this users should download the definitions on a separate PC and transfer the files over.

Permalink: http://www.pcw.co.uk/2127316

www.pcw.co.uk/2127316

This article was printed from the Personal Computer World web site
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

Close this window to return to the website