Focus on Virus
Back to list
RE: New Virus/Worm
Aug 22 2005 04:47PM
Biswas, Proneet (pbiswas ipolicynetworks com)
The Backdoor CEB is very old as per Mcafee and the message is that of a
Reptile FTP Server.
What you might be seeing is a variant of the ZOTOB which is right now
installing FTP backdoor servers.
To have known the best, and to have known it for the best, is success in
From: Shiva Palancha [mailto:shivapalancha (at) gmail (dot) com [email concealed]]
Sent: Monday, August 22, 2005 7:36 AM
To: Jack Vizelter
Cc: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: Re: New Virus/Worm
Please check this info published on Symantec's website -
On 8/21/05, Jack Vizelter <jack (at) mail.rockefeller (dot) edu [email concealed]> wrote:
> Since about 5pm last night, we've been hit hard, so far about 60
> mostly running Windows 2000 got infected.
> All infected computers show a backdoor on a random TCP port such as:
> xxx.xx.xxx.xxx 5794/tcp dhcp-xxx-xxx.xxxxxxxxx.xxx
> 220 Reptile welcomes you....
> Has anyone seen or expierenced similar?
> We don't know what processes are running on the PC's until tomorrow
> can get to them.
> Any and all info is greatly appreciated.
[ reply ]
Copyright 2010, SecurityFocus