Phatbot's Family Ties
Friday, March 26, 2004; 10:11 AM
Antivirus companies are intimately familiar with Phatbot's forebears, a prolific and evolving pedigree of malicious programs identified variously as scions of the "Agobot," "Gaobot" and "Sdbot" family of Trojan horse programs.
One reason why Phatbot provoked little concern among many security firms when it first surfaced last month is because, as Symantec noted, it is the 172nd variant of the Gaobot Trojan. Gaobot programs emerged several years ago, disguised as free software and video games.
Meanwhile, hackers during the past year began turning the Trojans into worms capable of spreading to tens of thousands of computers without any action on the part of the victim.
They can stymie investigators better than other programs because hackers can control infected computers without using public forums like Internet relay chat networks or Web sites.
Phatbot can infect a computer through one of several routes, such as through security flaws in Microsoft's Windows operating system or through "backdoors" installed on machines by earlier Internet worms. Experts said that the worm poses little threat to computer users who use personal firewalls and install the latest antivirus updates and Microsoft security patches.
--Brian Krebs, washingtonpost.com Staff Writer
© 2004 TechNews.com
|
|
| | | | ___Tech Policy/Security E-letter___ Written by washingtonpost.com's tech policy team, the e-mail version of this weekly feature includes an original news article and links to policy and cyber-security stories from the previous week.
• Click Here for Free Sign-up
• Read E-letter Archive
| | | | | | |
|
