Experts Debate Danger of Phatbot Worm
The new Phatbot worm, a k a Agobot, Gaobot and Polybot, is out in the wild. But experts on Wednesday debated on its name and how far it has spread.Security discussion lists and reports were abuzz Wednesday with talk of a new worm, named "Phatbot," that had spread to as many as hundreds of thousands of systems. But not all security experts agreed that the worm was widespread. As of late Wednesday afternoon, no major antivirus company had listed the worm as more than a "low" risk. Craig Schmugar, virus researcher for Network Associates Inc.s McAfee Avert research group, said the interesting variant began appearing on Monday, especially in the Asia-Pacific region, but has since toned down. There have been several variations since the initial attack, Schmugar said, some more dangerous than others. The Santa Clara, Calif. company are keeping a close eye on them, but maintaining their risk assessment of "low."
Adding to the confusion is a bewildering variety of names used for the strain, and numerous variations during the last few days. Few companies use the name Phatbot. Most call it a variation of the longstanding Gaobot or Agobot family, and sometimes as Polybot. Symantec Corp.s write-up of the worm refers to it as Gaobot.RF, declaring it to be variation number 172.