Full-disclosure] SQL injection worm ?

[Willem Koenings <infsec () gmail com>]

Maxime Ducharme mducharme at cybergeneration.com  wrote:

> 24.164.202.24 is on rr.com networks, they have also been advised.
>
> I know rbot.exe is known to be Randex worm, but i'd like that have
> some other results / analysis.

What i see is that this rBot.exe acts like regular rbot/sdbot


all the best,

W.

ps. kaspersky also agrees with me : Backdoor.Win32.Rbot.gen
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html