View full version: Trj/Sysbug.A - Risk 3 - Update


Giorgius
26-11-2003, 19.29.17
Aliases:
Troj/Sysbug-A (Sophos), Trj/Sysbug.A (Panda Software), Win32/Sysbug.A (Enciclopedia Virus (Ontinent)), Backdoor.Sysbug (Symantec), TROJ_SYSBUG.A (Trend Micro), BackDoor-CAG (McAfee), Troj/Sysbug (PerAntivirus)

Effects:
Sysbug.A is a Trojan-type password stealer that has been massively sent in an e-mail message with the subject Re[2]:Mary and an attachment called PRIVATE.ZIP. The attached file is compressed in ZIP format, and contains a file with a double extension called WENDYNAKED.JPG.EXE.
Sysbug.A tries to steal confidential data, such as passwords belonging to accounts, mail servers (SMTP and POP3), newsgroups, Dial-up and networking accounts, etc. It will then log this information in a file that will be sent to a hacker.
In addition, Sysbug.A has backdoor characteristics, as it opens the TCP port 5555 and waits for control commands to carry out.

Info:
http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=42200
http://www.alerta-antivirus.es/virus/detalle_virus.html?cod=3297&PHPSESSID=92953fa76c166d86ece5052f765ff69d
http://esp.sophos.com/virusinfo/analyses/trojsysbuga.html
http://www.enciclopediavirus.com/virus/vervirus.php?id=641
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=TROJ_SYSBUG.A
http://www.perantivirus.com/sosvirus/virufamo/sysbug.htm
http://www.symantec.com/avcenter/venc/data/backdoor.sysbug.html


AntiVirus update as of 25.11.03 ;)(Y)
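
The attachment pattern described in the post (a ZIP containing a file such as WENDYNAKED.JPG.EXE) can be checked for at a mail gateway. The following is an added example, not part of the original post or of any vendor's tooling; the extension sets and function names are assumptions, and the sample archive is constructed in memory with placeholder contents.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed extension sets for this example; tune them to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".jpg", ".jpeg", ".gif", ".bmp", ".txt", ".doc", ".pdf", ".zip"}


def double_extension_members(zip_bytes):
    """Return archive member names shaped like <name>.<decoy>.<executable>."""
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return hits  # not a readable ZIP; leave it to other checks
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            # Windows drops trailing dots and spaces, so normalise before checking.
            name = PurePosixPath(info.filename.replace("\\", "/")).name
            name = name.rstrip(". ").lower()
            suffixes = PurePosixPath(name).suffixes
            # strip() catches names padded with spaces to hide the last extension.
            if (len(suffixes) >= 2
                    and suffixes[-1] in EXECUTABLE_EXTS
                    and suffixes[-2].strip() in DECOY_EXTS):
                hits.append(info.filename)
    return hits


def build_sample_zip(names):
    """Build an in-memory ZIP with placeholder contents (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_zip(["WENDYNAKED.JPG.EXE", "notes.txt", "setup.exe"])
    print(double_extension_members(sample))
```

A single-extension executable such as setup.exe is deliberately not flagged here; blocking executables in archives outright is a separate policy decision.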