Welcome to the Virus Encyclopedia of Panda Security.
|Effects: ||It infects SQL servers, it obtains the user name and password of affected computers and sends them to an e-mail address (firstname.lastname@example.org).
|First detected on:||May 21, 2002|
|Detection updated on:||May 21, 2002|
Spida is a worm that infects servers with Microsoft’s SQL application installed and an administrator account that is not password-protected.
It is important to remember that in the SQL application, the default administrator account has a blank password. This account remains blank until the administrator protects it manually.
Once the server has been infected, Spida saves all the passwords for resources in a text file. Then, it sends this file to an e-mail address. This leaves the infected server vulnerable.
Spida is difficult to identify. The main symptom of infection an e-mail message in the Sent Items folder, which you did not send. This message has the following characteristics:
- Attachment file: