AIM SDBot Worm Installs Lockx.exe RootKit, Takes You to eza1netsearch.com - 2,155 Views, 1 Comment
|
Previous Article « What are those ads at the bottom of the Internet Patrol website? Chitika eMiniMall!
Read Next Article » Evil New PayPal Phish! New email address added to your PayPal account!
A new AOL Instant Messenger worm called SDBot.add has been discovered which installs the Lockx.exe rootkit on your computer, and redirects your searches to eza1netsearch.com (http://www.eza1netsearch.com/sp2.php). A rootkit (also known as “root kit”) is a usually undetectable piece of malicious software which, once installed, allows someone to have full root (master) access to your computer. Once the Lockx.exe rootkit has been installed, it opens a direct connection to an IRC channel, through which people can take control of your computer. In addition to installing the Lockx.exe root kit, SDBot.add installs a host of other malware, spyware, and adware. The new AIM worm is being propagated by the usual AIM worm methods - you receive an AIM message from someone, often someone you know, with a link in it, and when you click on the link, the worm is transferred to your computer. The SDBot.add AIM worm and its Lockx.exe rootkit were discovered by FaceTime Communications, an online security company. Said Tyler Wells of FaceTime, “A very nasty bundle is downloaded to your machine. This is the first time that we have seen a rootkit as part of the bundle of applications that is sent to your machine. It is a disturbing trend.”
Follow Anne on
Twitter 
Friend Anne on Facebook
AIM SDBot Worm Installs Lockx.exe RootKit, Takes You to eza1netsearch.com
Twitter Explained in Plain English
Previous Article « What are those ads at the bottom of the Internet Patrol website? Chitika eMiniMall!
Read Next Article » Evil New PayPal Phish! New email address added to your PayPal account!
Read more:
» Newest AIM Opanki Worm says “LOL Look at Him”
» Santa Worm Making the Rounds - You Better Watch Out!
For additional similar stories check out our archives on AOL, Instant Messengers, Worms
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Removal instructions here: http://www.tech-recipes.com/windows_spyware_tips1038.html
Here: http://www.daniweb.com/techtalkforums/thread33918.html
Comment by Joe — 1/9/2006 @ 4:21 pm