Security Basics mailing list archives
Re: IM Logic withholds details of Santa Claus IM worm, unless you?re a customer
From: pc.tech1 () comcast net
Date: 23 Dec 2005 23:23:11 -0000
FYI... Santa IM Worm (bot) update - http://isc.sans.org/diary.php?storyid=955 Last Updated: 2005-12-22 20:06:28 UTC "More details came to us on the Santa IM worm discussed earlier. We were able to capture and examine the malware... Further info: gift.com renames itself to c:\windows\winrpc.exe, and sets itself up as the service "Windows RPC Services". There is no rootkit built in, it is totally dependant on download instructions from the command and control site. Rather than calling it a "worm" as was reported in the press, a more accurate description is that it's a bot with replicating capabilities..." . --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- Re: IM Logic withholds details of Santa Claus IM worm, unless you?re a customer pc . tech1 (Dec 26)