Dasher worm on the prowl

The Dasher.b worm attacking Windows machines still vulnerable to a bug patched in October has infected at least 3000 systems so far, security company Symantec said Friday. Dasher.b the first worm to successfully attack the MSDTC flaw disclosed and patched 11 October was detected Thursday by honeypot PCs, with several security vendors rushing out alerts that same day.

According to Symantec, once Dasher.b has infected a PC, it first contacts a central command and control server located at IP address In turn, that server then via TCP tells the compromised computer to download a malicious payload from a remote FTP server at

Source: Dasher worm on the prowl - Security - www.itnews.com.au

Linked by shanmuga Monday, 19th December 2005 6:33AM