[mso] Virus Alerts [Panda Software reports the new Sdbot.N Trojan - 10/21/03]

• From: James S <james2900s@xxxxxxxxx>
• To: james2900s@xxxxxxxxx
• Date: Tue, 21 Oct 2003 16:02:47 -0700 (PDT)

From :   Panda Software Communication <communication@xxxxxxxxxxxxxxxxx> 
Reply-To :   Virus Alerts <VIRUSALERTSCOM@xxxxxxxxxxxxxxxxxxxxxxxxx> 
To :   VIRUSALERTSCOM@xxxxxxxxxxxxxxxxxxxxxxxxx  
Subject :   Virus Alerts [Panda Software reports the new Sdbot.N Trojan - 10/ 
21/03]  
Date :   Tue, 21 Oct 2003 16:01:37 +0200  
         - Panda Software reports the new Sdbot.N Trojan -
    Virus Alerts, by Panda Software (http://www.pandasoftware.com) 
 
Madrid, October 21, 2003 - PandaLabs has detected the appearance of Sdbot.N 
(Bck/Sdbot.N) a new and potentially dangerous Trojan. This malicious code could 
allow hackers to take a series of damaging actions on affected computers. 
 
To make matters worse, the creators of Sdbot.N have mass-mailed the Trojan in a 
message with the subject field: Microsoft Security Update and an
attached file called MS03-047.EXE. The message text tries to convince the
recipient that the e-mail has been sent by Microsoft, and this has no doubt
been the reason why Panda Software's support staff have already received
reported incidents involving Sdbot.N.
 
As soon as Sdbot.N is run, this Trojan displays the message "Update
complete", and goes memory resident.
 
It also creates a series of Windows Registry entries to ensure it is
constantly present on the computer and it copies its code in a file called
autoupdate.exe in the Windows system directory.
 
Sdbot.N includes its own IRC client, so the Trojan can connect to a
pre-defined IRC channel even if the user doesn't have an IRC application
installed. This connection could allow a hacker to send instructions to the
computer under attack, including orders to scan ports, update the Trojan, or
launch denial of service attacks.
 
To prevent possible incidents involving this Trojan, Panda Software advises
users to treat e-mails received with caution, and to update their antivirus
solutions as soon as possible.  The company has already made the updates to its 
products available to users to ensure their solutions can detect and
eliminate Sdbot.N. Those whose software is not configured to update
automatically, should update their solutions from
http://www.pandasoftware.com.
 
Users can also scan their computers using the free, online antivirus, Panda
ActiveScan, which is available on the company's website at
http://www.pandasoftware.com.
For further information about these and other malicious code, visit Panda
Software's Virus Encyclopedia at:
http://www.pandasoftware.com/virus_info/encyclopedia/.
Additional information
- Resident / Resident virus: A program or file is referred to as resident
when it is stored in the computer's memory, continuously monitoring
operations carried out on the system.
- DoS / Denial of Service: This is a type of attack, sometimes caused by
viruses, that prevents users from accessing certain services ( in the
operating system, web servers etc.).
 
More definitions of virus and antivirus terminology at:
http://www.pandasoftware.com/virus_info/glossary/default.aspx
NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.


---------------------------------
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search

*************************************************************
You are receiving this mail because you subscribed to mso@xxxxxxxxxxxxx or 
MicrosoftOffice@xxxxxxxxxxxxxxxx

To send mail to the group, simply address it to mso@xxxxxxxxxxxxx

To Unsubscribe from this group, send an email to 
mso-request@xxxxxxxxxxxxx with the word "unsubscribe" (without the quotes) in 
the subject line.

Or, visit the group's homepage and use the dropdown menu.  This will also allow 
you to change your email settings to digest or vacation (no mail).
//www.freelists.org/webpage/mso

To be able to use the files section for sharing files with the group, send a 
request to mso-moderators@xxxxxxxxxxxxx and you will be sent an invitation with 
instructions.  Once you are a member of the files group, you can go here to 
upload/download files:
http://www.smartgroups.com/vault/msofiles
*************************************************************

• Follow-Ups:
  • [mso] Re: Virus Alerts [Panda Software reports the new Sdbot.N Trojan - 10/21/03]
    • From: Linda F. Johnson

Other related posts:

• » [mso] Virus Alerts [Panda Software reports the new Sdbot.N Trojan - 10/21/03]
• » [mso] Re: Virus Alerts [Panda Software reports the new Sdbot.N Trojan - 10/21/03]

1. Home
2. mso
3. Archive
4. 10-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---