x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Spyki.A

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Spyki.A
Technical name:PHP/Spyki.A.worm
Threat level:Low
Alias:Exploit-phpBB!hilight
Type:Worm
Effects:  

It compromises servers running a vulnerable version of the application phpBB. It allows remote access to affected servers.

Affected platforms:

Unix; IIS; Linux

First detected on:Dec. 28, 2004
Detection updated on:Dec. 28, 2004
StatisticsNo

Brief Description 

    

Spyki.A is a worm that affects servers running a version of the application phpBB prior to 2.0.11. phpBB is an open source program used to easily create bulletin boards, forums and newsgroups. It uses a vulnerability in one of the files belonging to phpBB in order to gain remote access to those servers; this vulnerability is known as Remote URLDecode Input Validation.

Once it has affected a server, the worm carries out several actions, in order to allow remote access to the affected server:

  • It installs several programs, which can be controlled via IRC in order to automatically perform malicious actions (commonly known as bots).
  • It opens TCP port 6667 and connects to an IRC server in order to receive remote control commands.
  • It scans several ports, in order to check if they are open.

Bear in mind that your computer cannot be affected by Spyki.A unless a vulnerable version of phpBB is installed.

 

If your computer is running a version of phpBB prior to 2.0.11, please update it to this version or later.

Visible Symptoms 

    

Spyki.A is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

However, keep in mind that Spyki.A could slow down or even block the affected server.