A new botnet - Mocbot
A new botnet is making the rounds. And guess who was the first to notify us. Our very own Handler Patrick Nolan. He even beat our primary informant, Juha-Matti. Way to go Patrick.
This botnet client has been spread using the MS05-047 vulnerability, continues their entry.
http://www.f-secure.com/weblog/
http://www.f-secure.com/weblog/archives/archive-102005.html#00000685
http://www.f-secure.com/v-descs/mocbot.shtml
McAfee has information at:
http://vil.nai.com/vil/content/v_136637.htm
This is a heads up for some since botnet owners are using it to further exploit networks they already have a presence on. If you haven't already patched - you may want to do so now.
(Update):
According to McAfee and F-Secure, they have amended that this botnet is exploiting MS05-039 instead of MS05-047.
This botnet client has been spread using the MS05-047 vulnerability, continues their entry.
http://www.f-secure.com/weblog/
http://www.f-secure.com/weblog/archives/archive-102005.html#00000685
http://www.f-secure.com/v-descs/mocbot.shtml
McAfee has information at:
http://vil.nai.com/vil/content/v_136637.htm
This is a heads up for some since botnet owners are using it to further exploit networks they already have a presence on. If you haven't already patched - you may want to do so now.
(Update):
According to McAfee and F-Secure, they have amended that this botnet is exploiting MS05-039 instead of MS05-047.
Keywords:
0 comment(s)
×
![modal content]()
Diary Archives
Comments