new virus: W32.Korgo.W
Results 1 to 2 of 2

Thread: new virus: W32.Korgo.W

  1. #1
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Location
    Atlanta
    Posts
    1,024

    new worm: W32.Korgo.W

    This variant was discovered yesterday (July 2nd) and looks like it's bound to cause trouble. It spreads through a Windows vulnerability on TCP port 445. It only affects WinXP and Win2k. I 'spect we'll see someone with one of those OS's asking what's up with their box, so I figured I'd give a heads up so everyone can watch out for it and we can know what to look for if somebody gets infected and comes here asking about it. This bug also edits the registry (meaning to completely restore your computer back to normal after removal - you have to edit the registry. This makes the bug much more of a pain....) and will attempt to make itself invisible on the list of processes if you bring up the task manager. It spreads through TCP by scanning random IP addresses and finding a vulnerable target. The damage it causes is mostly indirect - it functions as a backdoor and will also drain network resources. Sounds pretty nasty. Symantec has an article on it and has updated it's virus definitions to include this worm. (Btw, yes it's classified as a "worm"). So...same old drill - update your virus definitons and get all the patches for Windows.

    Source (Symantec)

    -Please lemme know if somebody already gave a heads up for this one.

    *edit*
    Should've named this thread "new worm" instead of "new virus"....my bad.

  2. #2
    Hoopy Frood
    Join Date
    Jun 2004
    Posts
    662
    Thanks for the heads up.
    "Personality is only ripe when a man has made the truth his own."

    -- Søren Kierkegaard

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides