Malware Alert - BKDR_IRCBOT.BGY
admin on June 18th, 2008
Malware type: Backdoor
Aliases: Backdoor.Win32.IRCBot.djh (Kaspersky)
In the wild: Yes
Destructive: No
Language: English
Platform: Windows 98, ME, NT, 2000, XP, Server 2003
Encrypted: No
Malware Overview
This backdoor may be dropped by other malware, downloaded from remote sites by other malware, or downloaded unknowingly by a user visiting a malicious website.
It drops one or more copies of itself.
Upon execution, it displays a fake message box to trick users into thinking that the malware did not execute.
It creates one or more registry entries to enable its automatic execution at every system startup.
It opens a random port to allow a remote user to connect to the affected system. Once a successful connection is established, the remote user executes certain commands on the affected system. This routine effectively compromises the affected system.
Alert Issued on Jun. 7, 2008 1:57:54 PM GMT -0800 by Trend Micro
