Thursday, March 26, 2009
Zotob is a mass-mailing worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability. It performs such actions as disabling the Windows Firewall, steals system information, transfers files via FTP, lowers security settings, and gathers e-mail addresses from the Windows Address Book.
You do not necissarily have to get this virus from an e-mail. The worm sets itself up as a service and runs on it's own.
If you are running Windows 2000, one of the symptoms of the Zotob worm is that your computer will constantly reboot.
It also uses its own SMTP engine to send itself to the email addresses that it finds. The e-mail may have one of the following subjects:
- *DETECTED* Online User Violation
- Important notification
- Security Measures
- WARNING: Your Services Near to be Closed
- You have successfully updated your password
- Your Account is Suspended
- Your Account is suspended for Security Reasons
- Your Password has been updated
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment