x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with 50% off
RENEW NOW
x
48-HOUR OFFER
50%
RENEWALS
Home users only
RENEW AT A DISCOUNT
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
UP TO
-60%
BUY NOW
x
UP TO
-60%
BUY NOW
Active Scan. Scan your PC free

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

IRCBot.CNK

 
Threat LevelLow threatDamageHighDistributionNot widespread
Common name:IRCBot.CNK
Technical name:W32/IRCBot.CNK.worm
Threat level:Medium
Type:Worm
Effects:  

It connects to an IRC server in order to receive remote commands. It spreads exploiting the LSASS vulnerability, across network shares, and through shared, mapped and removable drives.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:May 8, 2009
Detection updated on:May 19, 2009
StatisticsNo

Brief Description 

    

IRCBot.CNK is a worm which connects to an IRC server in order to receive the following remote commands, among others:

  • Monitor the network traffic.
  • Download files, which can be of any nature, including malware.
  • Update itself.

IRCBot.CNK uses the following means to spread:

  • exploiting the LSASS vulnerability (MS04-011).
  • across network shares protected with weak passwords.
  • through shared, mapped and removable drives, making copies of itself in them.

Visible Symptoms 

    

IRCBot.CNK is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.

>

ARE YOU FACING ANY PC OR INTERNET RELATED PROBLEMS?
FREE SUPPORT INCLUDED. CALL US 24/7

powered by Anytech365