Virus Encyclopedia
Welcome to the Virus Encyclopedia of Panda Security.
Rahack.EP | |
Threat Level Damage Distribution |
 |
Common name: | Rahack.EP |
Technical name: | W32/Rahack.EP.worm |
Threat level: | Medium |
Type: | Worm |
Effects: |
It spreads and affects other computers.
It affects the productivity of the computer, the network to which it’s connected or other remote sites.
It spreads
, across the Internet, via mapped drives, by infecting files that are then distributed.
|
Affected platforms:
|
Windows 2003/XP/2000/NT/ME/98/95 |
First detected on: | Feb. 10, 2007 |
Detection updated on: | Feb. 10, 2007 |
Statistics | No |
Proactive protection: | Yes, using TruPrevent Technologies
|
Brief Description | |
Rahack.EP is a worm that spreads by copying itself, without infecting other files. It captures certain information entered or saved by the user, with the corresponding threat to privacy:
. It affects productivity, preventing tasks from being carried out: - In the affected computer:
causes system slowdowns.
- In the local network:
it generates a large amount of network activity and consumes bandwidth.
Rahack.EP uses the following propagation or distribution methods: - Exploiting vulnerabilities with the intervention of the user: exploiting vulnerabilities in file formats or applications. To exploit them successfully it needs the intervention of the user: opening files, viewing malicious web pages, reading emails, etc.
- Via Internet, exploiting remote vulnerabilities: attacking random IP addresses, in which it tries to insert a copy of itself by exploiting one or more vulnerabilities.
- Computer networks (mapped drives): it creates copies of itself in mapped drives.
- File infection: it infects different types of files, which are then distributed through any of the usual means: floppy disks, email messages with attachments, Internet download, files transferred via FTP, IRC channels, P2P file sharing networks, etc.
|