Playboy Virus Dropping Dangerous Backdoor
The mass-mailing worm promises naked photos of Playboy models, but experts warn that it drops a backdoor capable of terminating the processes of anti-virus applications.Anti-virus vendors have raised the alarm for a new mass-mailing worm with a dangerous backdoor component. The worm, called W32.Maslan.C@mm, arrives as an attachment promising naked photos of Playboy models but, if executed, drops an IRC (Inter Relay Chat) bot capable of transmitting passwords and sensitive information back to the virus writer. According to an alert from McAfee, the backdoor is powerful enough to terminate the processes of various anti-virus security applications.
The worm also spreads itself via poorly secured network shares and weak passwords and takes advantage of two known exploitsLSASS and RPC-DCOMaffecting Microsoft Windows users. Patches for both exploits have been available for some time, but unpatched machines are vulnerable to worm infection.