Dasher worm on the prowl
The Dasher.b worm attacking Windows machines still vulnerable to a bug patched in October has infected at least 3000 systems so far, security company Symantec said Friday. Dasher.b — the first worm to successfully attack the MSDTC flaw disclosed and patched 11 October — was detected Thursday by honeypot PCs, with several security vendors rushing out alerts that same day.
According to Symantec, once Dasher.b has infected a PC, it first contacts a central command and control server located at IP address 22.214.171.124. In turn, that server then via TCP tells the compromised computer to download a malicious payload from a remote FTP server at 126.96.36.199
Source: Dasher worm on the prowl - Security - www.itnews.com.au
Back to: PC Security, privacy news