"Nugache" Worm/Bot using P2P control channel

WebsenseŽ Security Labs (TM) has received several reports of a new worm, "Nugache", which is spreading on AOL/MSN Instant Messenger networks and as an e-mail attachment by exploiting several workstation vulnerabilities. The worm opens a back door on TCP port 8, and installs a bot to wait for commands from the attacker. The command & control channel that is used is unique, as the bot appears to connect to infected peers instead of a static list. WebsenseŽ - Security Labs Alert: "Nugache" Worm/Bot using P2P control channel

Linked by shanmuga Tuesday, 2nd May 2006 7:59AM