Welcome to the Virus Encyclopedia of Panda Security.
Gaobot.LTL is a worm that connects to several IRC servers in order to receive remote control commands, acting as a backdoor. It can be instructed to obtain computer passwords, launch DoS (Denial of Service) attacks, scan IP addresses, etc.
This worm also prevents the user from accessing websites belonging to computer security companies. This way, among other consequences, the antivirus programs belonging to such companies could not be updated, which would leave the affected computer vulnerable to the attack of other malware.
Gaobot.LTL uses several different means to spread:
- Across the Internet by exploiting the vulnerabilities LSASS, RPC DCOM, WebDAV and UPnP.
- Across networks.
- Through several peer-to-peer (P2P) file sharing programs.
- Via AOL Instant Messenger (AIM) and IRC.
- Via email.
It is highly recommendable to download the security patches for the vulnerabilities LSASS, RPC DCOM, WebDAV and UPnP from the Microsoft website.
Gaobot.LTL is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.