Named after Phatbot, the new Trojan horse is infecting Asia by exploiting vulnerabilities in the Windows operating system to attack, steal & nbsp; sensitive information and take control of & nbsp; the system. This Trojan also disables some antivirus applications and blocks users & nbsp; access to many websites of security service providers.
Craig Schmugar, a McAfee Security Specialist, said that they began receiving "Phatbot & nbsp; Trojans" this week. & Nbsp; Phatbot is infecting the Internet, especially in Asia.
Phatbot scans for Windows vulnerabilities, including DCOM, DCOM2, locator services, simple network shares, WebDav, and Windows Workstation services. This Trojan also attacked systems infected with MyDoom virus.
There are also variants of Phatbot, a hacker who can & nbsp; control the system via IRC (Internet Relay Chat), or through shared networks.
When infected with a PC, Phatbot will attempt to use the system to block messages, steal Windows product keys, remove previously infected viruses such as Blaster, Welchia, and Sobig.F, and steal information posted. Enter the IRC chat channel, as well as the & FTP; ftp username and password. & nbsp; It also disables some antivirus applications and blocks access to many websites of security service providers.
Joe Stewart, a senior security researcher at Lurhq, said there were 1,000 infected machines per hour. Currently security companies have updated phatbot removal software, users can download to block.
On the same day, experts also warned that some variants of Bagle / Beagle have added another intrusion, such as providing antivirus engines, hiding under attractive images to attack the user.
The general feature of the Bagle virus is that it opens a back door on the computer so that additional code can continue to be installed on the victim machine, spread by e-mail in a series of lines. Different themes and try to turn off the antivirus program.
